| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Firefox stürzt fast alle 10min abWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
29.10.2015, 11:09
| #1 |
 |  Firefox stürzt fast alle 10min ab Hallo, ich würde mich sehr freuen, wenn ihr mir helfen könnt. Ich habe schon länger Probleme mit Firefox (ca. 1 Absturz alle 2-3 Tage), seit gestern ist es jedoch ganz extrem geworden, Firefox stürzt fast alle 10min ab, normales Arbeiten ist nicht mehr möglich. Könnt ihr mir bitte weiterhelfen? Ich poste im folgenden die Logfiles (kann diese jedoch nicht interpretieren), habe ich vielleicht irgendeinen Virus oder ähnliches? Defogger Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 10:43 on 29/10/2015 (***)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
SPTD -> Already disabled
-=E.O.F=-
FRST.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-10-2015
durchgeführt von *** (Administrator) auf PC (29-10-2015 10:45:24)
Gestartet von C:\Users\***\Desktop
Geladene Profile: *** (Verfügbare Profile: ***)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Fi-les\CTAudSvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(BillP Studios) E:\Programme\WinPatrol\WinPatrol.exe
(Informatic Ltd.) C:\Program Files (x86)\Informatic\ORFO 9.0\orfagent.exe
(RealNetworks, Inc.) E:\Programme\RealTimes\RPDS\Bin\rpsystray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office 2010\Office14\ONENOTEM.EXE
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUsb\XFastUsb.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Pan-el\VolPanlu.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(RealNetworks, Inc.) E:\Programme\RealTimes\RPDS\Bin\rpdsvc.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Systems Inc.) E:\Programme\Acrobat 9.0\Acrobat\acrotray.exe
(RealNetworks, Inc.) E:\Programme\RealTimes\Update\realsched.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Up-date\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Compo-nents\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Compo-nents\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RunDLLEntry] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [3019376 2011-02-22] (VIA)
HKLM-x32\...\Run: [XFastUsb] => C:\Program Files (x86)\XFastUsb\XFastUsb.exe [4942336 2012-04-18] (FNet Co., Ltd.)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe [241789 2009-05-04] (Creative Technology Ltd)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office 2010\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Soft-ware\Avast\AvastUI.exe [5515496 2015-05-28] (Avast Software s.r.o.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => E:\Programme\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => E:\Programme\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [TkBellExe] => E:\Programme\RealTimes\Update\realsched.exe [286784 2015-08-16] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [614464 2015-07-27] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\...\Run: [WinPatrol] => E:\Programme\WinPatrol\winpatrol.exe [1128000 2014-06-03] (BillP Studios)
HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-28] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office 2010\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Cor-poration)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office 2010\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office 2010\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Cor-poration)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office 2010\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office 2010\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Cor-poration)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ORFO Agent.lnk [2012-08-27]
ShortcutTarget: ORFO Agent.lnk -> C:\Program Files (x86)\Informatic\ORFO 9.0\orfagent.exe (Informatic Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2015-08-16]
ShortcutTarget: RealTimes.lnk -> E:\Programme\RealTimes\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2014-07-15]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office 2010\Office14\ONENOTEM.EXE (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{EDEF3BBF-1341-4E63-9148-8934BB617129}: [DhcpNameSer-ver] 192.168.0.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explo-rer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/
HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://de.pons.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4118839908-2255762619-2302489997-1000 -> {928A6A4C-2ECF-4D2C-AF89-9AC5466B6674} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2015-07-27] (RealDownloader)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-07] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2013-10-08] (Adblock Plus)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2015-07-27] (RealDownloader)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office 2010\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Dragon NaturallySpeaking Rich Internet Application Support - Extension -> {73A89C60-CF59-4EC7-9215-9B7EF05ECEA4} -> E:\DRAGON~4\Program\ieShim.dll => Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-21] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-07] (Avast Software s.r.o.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems In-corporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office 2010\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-21] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2013-10-08] (Adblock Plus)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-4118839908-2255762619-2302489997-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ztgcxzx1.default-1401185900815
FF Homepage: www.google.at
hxxp://de.pons.com/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corpo-ration)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Fi-les\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-20] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-21] (Oracle Corpora-tion)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corpo-ration)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Cor-poration)
FF Plugin-x32: @real.com/nppl3260;version=18.0.2.59 -> E:\Programme\RealTimes\Netscape6\nppl3260.dll [2015-08-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.669 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll [2012-06-24] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.0.2.59 -> E:\Programme\RealTimes\Netscape6\nprpplugin.dll [2015-08-16] (RealTimes)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: nuance.com/DragonRIAPlugin -> E:\DRAGON~4\Program\npDgnRia.dll [2013-02-11] (Nuance Communications Inc.)
FF Extension: Block site - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ztgcxzx1.default-1401185900815\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2015-05-28]
FF Extension: Disconnect - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ztgcxzx1.default-1401185900815\Extensions\2.0@disconnect.me.xpi [2015-05-28]
FF Extension: Classic Theme Restorer - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ztgcxzx1.default-1401185900815\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2015-10-28]
FF Extension: New Tab by Yahoo - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ztgcxzx1.default-1401185900815\Extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi [2015-10-08] [ist nicht signiert]
FF Extension: Video DownloadHelper - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ztgcxzx1.default-1401185900815\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-08-18]
FF Extension: Adblock Plus - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ztgcxzx1.default-1401185900815\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: Kein Name - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-08-14] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Soft-ware\Avast\WebRep\FF [2015-05-28] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack] - E:\Dragon Naturally Speaking 12 Deutsch\Program\ffShim.xpi => nicht gefunden
Chrome:
=======
CHR Profile: C:\Users\***\AppData\Local\Google\Chrome\User Data\default
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-07]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [mikhcaiakabeeokmenglcdebplfdjicn] - E:\Dragon Naturally Speaking 12 Deutsch\Program\chromeShim.crx [2013-02-11]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-28] (Avast Software s.r.o.)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Fi-les\Creative Labs Shared\Service\AL6Licensing.exe [79360 2012-04-18] (Creative Labs) [Datei ist nicht signiert]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2012-04-18] (Crea-tive Labs) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [Datei ist nicht signiert]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2014-06-29] (Macro-vision Europe Ltd.) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht sig-niert]
S3 Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office 2010\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [32880 2015-07-27] ()
R2 RealTimes Desktop Service; E:\Programme\RealTimes\RPDS\Bin\rpdsvc.exe [1115736 2015-08-16] (RealNetworks, Inc.)
S3 Sound Blaster X-Fi MB Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [79360 2012-04-18] (Creative Labs) [Datei ist nicht signiert]
S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-02-17] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Soft-ware\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-28] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-28] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-28] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-28] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-28] ()
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [31808 2012-04-18] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2012-04-18] (FNet Co., Ltd.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-07-15] (Duplex Se-cure Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Soft-ware\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner ver-schoben.)
2015-10-29 10:45 - 2015-10-29 10:45 - 00023015 _____ C:\Users\***\Desktop\FRST.txt
2015-10-29 10:43 - 2015-10-29 10:43 - 00000528 _____ C:\Users\***\Desktop\defogger_disable.log
2015-10-29 10:42 - 2015-10-29 10:42 - 00050477 _____ C:\Users\***\Desktop\Defogger.exe
2015-10-29 10:13 - 2015-10-29 10:13 - 00000056 _____ C:\Windows\setupact.log
2015-10-29 10:13 - 2015-10-29 10:13 - 00000000 _____ C:\Windows\setuperr.log
2015-10-21 09:08 - 2015-10-21 09:08 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2015-10-18 15:02 - 2015-10-29 10:29 - 00688654 _____ C:\Windows\WindowsUpdate.log
2015-10-16 15:12 - 2015-10-17 14:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-15 13:45 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-15 13:45 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-15 13:45 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-15 13:45 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-15 13:45 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-15 13:45 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-15 13:45 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-14 09:29 - 2015-09-18 20:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-14 09:29 - 2015-09-18 19:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-14 09:29 - 2015-09-16 05:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-14 09:29 - 2015-09-16 05:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-14 09:29 - 2015-09-16 05:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 09:29 - 2015-09-16 05:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-14 09:29 - 2015-09-16 05:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-14 09:29 - 2015-09-16 05:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 09:29 - 2015-09-16 05:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-14 09:29 - 2015-09-16 05:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-14 09:29 - 2015-09-16 05:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-14 09:29 - 2015-09-16 05:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-14 09:29 - 2015-09-16 05:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-14 09:29 - 2015-09-16 05:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-14 09:29 - 2015-09-16 05:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 09:29 - 2015-09-16 05:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 09:29 - 2015-09-16 05:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-14 09:29 - 2015-09-16 05:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-14 09:29 - 2015-09-16 05:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-14 09:29 - 2015-09-16 05:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 09:29 - 2015-09-16 04:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-14 09:29 - 2015-09-16 04:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-14 09:29 - 2015-09-16 04:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 09:29 - 2015-09-16 04:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-14 09:29 - 2015-09-16 04:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-14 09:29 - 2015-09-16 04:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-14 09:29 - 2015-09-16 04:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-14 09:29 - 2015-09-16 04:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-14 09:29 - 2015-09-16 04:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-14 09:29 - 2015-09-16 04:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-14 09:29 - 2015-09-16 04:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-14 09:29 - 2015-09-16 04:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-14 09:29 - 2015-09-16 04:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-14 09:29 - 2015-09-16 04:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-14 09:29 - 2015-09-16 04:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-14 09:29 - 2015-09-16 04:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-14 09:29 - 2015-09-16 04:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-14 09:29 - 2015-09-16 04:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-14 09:29 - 2015-09-16 04:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-14 09:29 - 2015-09-16 04:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-14 09:29 - 2015-09-16 04:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-14 09:29 - 2015-09-16 04:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-14 09:29 - 2015-09-16 04:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-14 09:29 - 2015-09-16 04:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 09:29 - 2015-09-16 04:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-14 09:29 - 2015-09-16 04:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-14 09:29 - 2015-09-16 04:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-14 09:29 - 2015-09-16 04:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-14 09:29 - 2015-09-16 04:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-14 09:29 - 2015-09-16 04:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-14 09:29 - 2015-09-16 04:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-14 09:29 - 2015-09-16 04:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-14 09:29 - 2015-09-16 04:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-14 09:29 - 2015-09-16 04:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-14 09:29 - 2015-09-16 03:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-14 09:29 - 2015-09-16 03:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-14 09:29 - 2015-09-16 03:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-14 09:29 - 2015-09-16 03:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-14 09:29 - 2015-09-16 03:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-14 09:29 - 2015-09-16 03:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-14 09:29 - 2015-09-16 03:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-14 09:29 - 2015-09-16 03:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-14 09:29 - 2015-09-16 03:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-14 09:29 - 2015-09-16 03:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-14 09:29 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 09:29 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-14 09:29 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-14 09:29 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-14 09:28 - 2015-10-01 19:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-14 09:28 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-14 09:28 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 09:28 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-14 09:28 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-14 09:28 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-14 09:28 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 09:28 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-14 09:28 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-14 09:28 - 2015-09-29 04:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 09:28 - 2015-09-29 04:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-14 09:28 - 2015-09-29 04:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-14 09:28 - 2015-09-29 04:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-14 09:28 - 2015-09-29 04:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-14 09:28 - 2015-09-29 04:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-14 09:28 - 2015-09-29 04:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-14 09:28 - 2015-09-29 04:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-14 09:28 - 2015-09-29 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-14 09:28 - 2015-09-29 04:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-14 09:28 - 2015-09-29 04:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-14 09:28 - 2015-09-29 04:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-14 09:28 - 2015-09-29 04:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-14 09:28 - 2015-09-29 04:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-14 09:28 - 2015-09-29 04:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-14 09:28 - 2015-09-29 04:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-14 09:28 - 2015-09-29 04:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-14 09:28 - 2015-09-29 04:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-14 09:28 - 2015-09-29 04:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-14 09:28 - 2015-09-29 04:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-14 09:28 - 2015-09-29 04:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-14 09:28 - 2015-09-29 04:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-14 09:28 - 2015-09-29 04:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-14 09:28 - 2015-09-29 04:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-14 09:28 - 2015-09-29 04:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-14 09:28 - 2015-09-29 04:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-14 09:28 - 2015-09-29 04:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-14 09:28 - 2015-09-29 04:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 03:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-14 09:28 - 2015-09-29 03:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-14 09:28 - 2015-09-29 03:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-14 09:28 - 2015-09-29 03:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-14 09:28 - 2015-09-29 03:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-14 09:28 - 2015-09-29 03:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-14 09:28 - 2015-09-29 03:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-14 09:28 - 2015-09-29 03:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-14 09:28 - 2015-09-29 03:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-14 09:28 - 2015-09-29 03:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-14 09:28 - 2015-09-29 03:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-14 09:28 - 2015-09-29 03:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-14 09:28 - 2015-09-29 03:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-14 09:28 - 2015-09-29 03:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-14 09:28 - 2015-09-29 03:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-14 09:28 - 2015-09-29 03:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 02:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-14 09:28 - 2015-09-29 02:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-14 09:28 - 2015-09-29 02:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-14 09:28 - 2015-09-29 02:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-14 09:28 - 2015-09-29 02:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-14 09:28 - 2015-09-29 02:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 02:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 02:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 09:28 - 2015-09-29 02:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-14 09:28 - 2015-09-25 19:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-14 09:28 - 2015-09-25 19:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-14 09:28 - 2015-09-25 19:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-14 09:28 - 2015-09-25 19:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-14 09:28 - 2015-09-25 19:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-14 09:28 - 2015-09-25 19:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-14 09:28 - 2015-09-25 19:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-14 09:28 - 2015-09-25 19:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-14 09:28 - 2015-09-25 19:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-14 09:28 - 2015-09-25 19:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-14 09:28 - 2015-09-25 19:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 09:28 - 2015-09-25 18:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-14 09:28 - 2015-09-25 18:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-14 09:28 - 2015-09-25 18:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-14 09:28 - 2015-09-25 18:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-14 09:28 - 2015-09-25 18:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-14 09:28 - 2015-09-15 19:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-14 09:28 - 2015-09-15 19:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-14 09:28 - 2015-09-15 19:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-14 09:28 - 2015-09-15 19:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-14 09:28 - 2015-09-15 19:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-14 09:28 - 2015-09-15 19:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-14 09:28 - 2015-09-15 19:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-14 09:28 - 2015-09-15 19:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-14 09:28 - 2015-09-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-14 09:28 - 2015-09-15 18:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-14 09:28 - 2015-09-15 18:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-14 09:28 - 2015-09-15 18:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-14 09:28 - 2015-09-15 18:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 09:28 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-04 22:33 - 2015-10-05 07:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner ver-schoben.)
2015-10-29 10:45 - 2014-09-23 13:37 - 00000000 ____D C:\FRST
2015-10-29 10:44 - 2015-02-23 18:43 - 02197504 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2015-10-29 10:37 - 2014-06-12 20:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-29 10:31 - 2013-03-04 21:40 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-29 10:28 - 2009-07-14 05:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-29 10:28 - 2009-07-14 05:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-29 10:17 - 2011-04-12 08:43 - 00699432 _____ C:\Windows\system32\perfh007.dat
2015-10-29 10:17 - 2011-04-12 08:43 - 00149572 _____ C:\Windows\system32\perfc007.dat
2015-10-29 10:17 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-29 10:13 - 2013-03-04 21:40 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-29 10:13 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-29 00:59 - 2012-05-12 20:03 - 00000000 ____D C:\Users\***\AppData\Local\CrashDumps
2015-10-28 22:27 - 2013-05-31 22:58 - 00000000 ____D C:\ProgramData\TEMP
2015-10-28 22:09 - 2012-09-08 13:45 - 00000000 ____D C:\Users\***\AppData\Roaming\Skype
2015-10-28 22:08 - 2015-08-16 15:37 - 00003332 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4118839908-2255762619-2302489997-1000
2015-10-28 22:08 - 2015-08-16 15:37 - 00003202 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4118839908-2255762619-2302489997-1000
2015-10-28 22:07 - 2014-09-23 12:42 - 00000000 ____D C:\AdwCleaner
2015-10-28 10:10 - 2012-06-24 15:12 - 00000000 ____D C:\Users\***\AppData\Roaming\vlc
2015-10-24 22:57 - 2014-06-28 13:09 - 00000000 ____D C:\Users\***\AppData\LocalLow\Adblock Plus for IE
2015-10-21 09:06 - 2015-08-26 20:31 - 00000000 ____D C:\Users\***\.oracle_jre_usage
2015-10-21 09:06 - 2014-10-19 09:31 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-10-21 09:06 - 2014-10-19 09:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-21 09:06 - 2014-10-19 09:31 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-19 21:35 - 2012-05-18 08:27 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2015-10-17 14:37 - 2012-05-03 10:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-17 09:37 - 2014-06-12 20:07 - 00780488 _____ (Adobe Systems Incorpo-rated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-17 09:37 - 2014-06-12 20:07 - 00142536 _____ (Adobe Systems Incorpo-rated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-17 09:37 - 2014-06-12 20:07 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-16 18:30 - 2015-07-02 19:56 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-15 23:46 - 2014-12-10 15:43 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-15 23:46 - 2014-04-30 09:52 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-15 20:00 - 2013-06-13 15:03 - 00000000 ____D C:\Windows\rescache
2015-10-15 00:34 - 2013-07-25 10:06 - 00000000 ____D C:\Windows\system32\MRT
2015-10-15 00:34 - 2012-05-28 14:40 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-15 00:30 - 2012-04-19 12:54 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-15 00:28 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini
2015-10-13 17:35 - 2015-07-02 19:56 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-11 10:40 - 2012-04-19 12:28 - 00000000 ____D C:\ProgramData\Skype
2015-10-08 22:26 - 2015-04-06 00:38 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-08 12:56 - 2015-04-06 00:38 - 00000000 ___SD C:\Windows\SysWOW64\GWX
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-06-01 14:43 - 2013-06-19 10:12 - 0001555 _____ () C:\Users\***\AppData\Roaming\SAS7_000.DAT
2013-02-26 13:31 - 2013-06-18 08:56 - 0000085 ___SH () C:\ProgramData\.zreglib
2012-06-08 16:08 - 2012-06-08 16:08 - 0000032 _____ () C:\ProgramData\ezsid.dat
2012-04-19 12:45 - 2012-04-19 12:45 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\ezsid.dat
Einige Dateien in TEMP:
====================
C:\Users\***\AppData\Local\Temp\Quarantine.exe
C:\Users\***\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-10-21 00:25
==================== Ende von FRST.txt ============================
FRST.Addition Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Versi-on:28-10-2015
durchgeführt von *** (2015-10-29 10:45:50)
Gestartet von C:\Users\***\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-04-18 14:36:04)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4118839908-2255762619-2302489997-500 - Administrator - Disabled)
Gast (S-1-5-21-4118839908-2255762619-2302489997-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4118839908-2255762619-2302489997-1002 - Limited - Enabled)
*** (S-1-5-21-4118839908-2255762619-2302489997-1000 - Administrator - Enabled) => C:\Users\***
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenom-men werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH)
Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Ver-sion: 1.1 - )
Adobe Acrobat 9 Pro - Italiano, Español, Nederlands, Português (HKLM-x32\...\{AC76BA86-1040-7D70-7760-000000000004}{AC76BA86-1040-7D70-7760-000000000004}) (Version: 9.0.0 - Adobe Systems)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20071 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASRock App Charger v1.0.4 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.)
ASRock eXtreme Tuner v0.1.77 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version: - )
ASRock InstantBoot v1.26 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: - )
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.2.2218 - AVAST Software)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon MG3100 series Benutzerregistrierung (HKLM-x32\...\Canon MG3100 series Benutzerregistrierung) (Version: - )
Canon MG3100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series) (Version: - )
Canon MG3100 series On-screen Manual (HKLM-x32\...\Canon MG3100 series On-screen Manual) (Version: - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Dragon NaturallySpeaking 12 (HKLM-x32\...\{D5D422B9-6976-4E98-8DDF-9632CB515D7E}) (Version: 12.50.000 - Nuance Communications Inc.)
Free Studio version 6.4.3.128 (HKLM-x32\...\Free Studio_is1) (Version: 6.4.3.128 - DVDVideoSoft Ltd.)
FreeTorrentViewer (HKLM-x32\...\FreeTorrentViewer) (Version: 1.0.0.1 - Free Torrent Viewer)
Google Books Downloader version 2.3 (HKLM-x32\...\{216729B6-014A-F413-814F-F17F74FBA113}_is1) (Version: 2.3 - GBOOKSDOWNLOADER.COM)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - Portuguese/Português (Brasil) (HKLM-x32\...\Office14.OMUI.pt-br) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - Portuguese/Português (HKLM-x32\...\Office14.OMUI.pt-pt) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - Spanish/Español (HKLM-x32\...\Office14.OMUI.es-es) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Ver-sion: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Mi-crosoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Mi-crosoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Mi-crosoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Vi-sual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Ver-sion: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 de)) (Version: 38.2.0 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 de) (HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Office-Bibliothek (HKLM-x32\...\{5C81B189-5456-40C4-9313-7FE6FA6DD64C}) (Version: 5.00.4 - Bibliographisches Institut & F.A. Brockhaus AG)
ORFO 9.0 (HKLM-x32\...\InstallShield_{FDEA11CF-BAF9-4EFE-AF7C-58EAB614A407}) (Version: 9.0 - Informatic)
ORFO 9.0 (HKLM-x32\...\Orfo) (Version: - )
ORFO 9.0 (x32 Version: 9.0 - Informatic) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Platform (x32 Version: 1.36 - VIA Technologies, Inc.) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Ver-sion: 7.75.80.95 - Apple Inc.)
RealDownloader (x32 Version: 18.0.2.56 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 18.0.2.60 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNet-works, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNet-works, Inc) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
RealTimes (RealPlayer) (HKLM-x32\...\RealPlayer 18.0) (Version: 18.0.2 - RealNet-works)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0416-0000-0000000FF1CE}_Office14.OMUI.pt-br_{1C7BD792-204F-49EB-BF0B-A0F9C904128D}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0816-0000-0000000FF1CE}_Office14.OMUI.pt-pt_{95604CB2-E3F3-40FD-B90D-2DB0F144F4A2}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0C0A-0000-0000000FF1CE}_Office14.OMUI.es-es_{18B9CFE9-6DD6-4C09-8146-F443DBBD62CF}) (Version: - Microsoft)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Ver-sion: 7.12.101 - Skype Technologies S.A.)
Sound Blaster X-Fi MB (HKLM-x32\...\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}) (Version: 1.0 - Creative Technology Limited)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tele2 Internet (x32 Version: 1.0 - Tele2UTA Telecommunication GmbH) Hidden
TreeSize Free V3.3 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.3 - JAM Software)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.36 - VIA Technologies, Inc.)
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinPatrol (HKLM\...\{84481A87-2316-4923-8FAB-3BA8CA29323D}) (Version: 31.0.2014.0 - BillP Studios)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XFastUsb (HKLM-x32\...\XFastUsb) (Version: - )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
27-10-2015 09:47:07 Windows Update
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2014-05-12 10:11 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {03783D24-AA74-4CDE-B9F4-D3ABE357AA53} - Sys-tem32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {096FEDF5-8579-4831-B7BC-462F5EBFD18F} - Sys-tem32\Tasks\{8EFD28B5-5E1F-4DE6-96B8-F7CF102255A3} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-09-27] (Skype Technologies S.A.)
Task: {0F449EC8-850D-41A9-87A3-6AABD217EB5D} - Sys-tem32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {13BA7AE6-F9FE-4346-A602-5F929F560903} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {13CB59E9-9BE8-4C54-B915-88CC0A9CB39B} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {21876698-A3EC-466E-82AB-4C5D27EC0E2F} - Sys-tem32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4118839908-2255762619-2302489997-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2015-07-27] (RealNetworks, Inc.)
Task: {22AB92A0-1403-4F27-ADB9-8885F399162B} - Sys-tem32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4118839908-2255762619-2302489997-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-07-27] (RealNetworks, Inc.)
Task: {53668DBE-51D5-4C93-BF59-CAD78B52B084} - Sys-tem32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {56BA08EF-6F16-4162-ABDD-254DBAEB719D} - Sys-tem32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4118839908-2255762619-2302489997-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-07-27] (RealNetworks, Inc.)
Task: {6968FCF6-CF41-4547-925C-965494C0CCD7} - Sys-tem32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4118839908-2255762619-2302489997-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2015-07-27] (RealNetworks, Inc.)
Task: {90047B4C-6CEA-43A3-BBB0-7DF141FE638E} - Sys-tem32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2015-07-27] ()
Task: {94BFB23B-A9BD-447A-B066-7BE0735BD490} - Sys-tem32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-4118839908-2255762619-2302489997-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2015-07-27] (RealNet-works, Inc.)
Task: {A30D6A7F-277C-4832-8F44-7E449CF9ADCB} - Sys-tem32\Tasks\Games\UpdateCheck_S-1-5-21-4118839908-2255762619-2302489997-1000
Task: {A3D367F9-DF1F-4D7A-9C93-2A55841D67C0} - Sys-tem32\Tasks\RealUpgradeLogonTaskS-1-5-21-4118839908-2255762619-2302489997-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-07-27] (RealNetworks, Inc.)
Task: {AA1CF60E-851D-4740-B83A-F128B4B22DB2} - Sys-tem32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4118839908-2255762619-2302489997-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-07-27] (RealNetworks, Inc.)
Task: {B4F34596-E14C-4B4B-8A0E-D14F6D3D477D} - System32\Tasks\Java Up-date Scheduler => C:\Program Files (x86)\Common Files\Java\Java Up-date\jusched.exe [2015-10-06] (Oracle Corporation)
Task: {BC33D8A2-C260-44A9-9EE1-5BA4BF4B5C17} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {D589B562-AC24-4568-BC16-BC93634CDCA3} - System32\Tasks\Adobe Ac-robat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {E39552D0-681F-4E9D-8E67-6DFAA77FBF39} - Sys-tem32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-04-18 17:22 - 2011-01-27 01:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-04-18 17:23 - 2011-02-22 07:03 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2012-04-18 17:23 - 2011-02-22 07:03 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2012-04-18 17:23 - 2011-02-22 07:03 - 00621168 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2015-07-27 20:28 - 2015-07-27 20:28 - 00032880 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2015-07-27 18:40 - 2015-07-27 18:40 - 00614464 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2015-01-21 03:06 - 2015-01-21 03:06 - 00057344 _____ () C:\Program Fi-les\CCleaner\lang\lang-1031.dll
2015-05-28 15:45 - 2015-05-28 15:45 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-28 15:45 - 2015-05-28 15:45 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-10-28 19:25 - 2015-10-28 19:25 - 02998664 _____ () C:\Program Files\AVAST Software\Avast\defs\15102801\algo.dll
2012-04-18 17:27 - 2009-02-06 17:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2012-04-18 17:27 - 2009-04-20 10:55 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2015-07-27 20:28 - 2015-07-27 20:28 - 00037512 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2015-07-27 20:28 - 2015-07-27 20:28 - 00039560 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2015-07-27 20:28 - 2015-07-27 20:28 - 00037528 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll
2015-04-07 10:50 - 2015-04-07 10:50 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-07-27 18:35 - 2015-07-27 18:35 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2015-07-27 18:40 - 2015-07-27 18:40 - 00066624 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll
2015-10-04 22:33 - 2015-10-04 22:33 - 00153768 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-10-04 22:33 - 2015-10-04 22:33 - 00023208 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\...\100sexlinks.com -> 100sexlinks.com
Da befinden sich 6052 mehr Seiten.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4118839908-2255762619-2302489997-1000\Control Pan-el\Desktop\\Wallpaper -> C:\Users\***\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: VIAKaraokeService => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Fi-les\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Fi-les\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: VoipCheapCom => "E:\VoipCheapCom\VoipCheapCom.exe" -nosplash -minimized
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{3AA7DD3A-75DD-4640-8422-2CA3D3D67CCF}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Sup-port\WebKit2WebProcess.exe
FirewallRules: [{F78BEF07-D761-4223-9165-0E1CFAF1BB68}] => (Allow) C:\Program Files (x86)\Microsoft Office 2010\Office14\ONENOTE.EXE
FirewallRules: [{6B3BB24F-EBD0-43B5-8CC9-3EFB5AE37748}] => (Allow) C:\Program Files (x86)\Microsoft Office 2010\Office14\ONENOTE.EXE
FirewallRules: [{E6DFF73B-7A91-4E36-8A87-E79F5D64BEBE}] => (Allow) C:\Program Files (x86)\Microsoft Office 2010\Office14\GROOVE.EXE
FirewallRules: [{F8148CA1-D4E1-4270-8518-87B1B0AD7728}] => (Allow) C:\Program Files (x86)\Microsoft Office 2010\Office14\GROOVE.EXE
FirewallRules: [TCP Query User{AE6AC26E-31C4-4A80-8F3F-864B3C33F7C9}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{1428009F-2C29-4F55-BC28-DA21E2C39105}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{169C82A3-C83C-4609-846F-4F213F467680}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1775C421-2531-4661-B09F-0D3075A5DD67}] => (Allow) C:\Program Files (x86)\Microsoft Office 2010\Office14\GROOVE.EXE
FirewallRules: [{E8216F70-9A2B-42BF-8D7E-8CC7A1AA652A}] => (Allow) C:\Program Files (x86)\Microsoft Office 2010\Office14\GROOVE.EXE
FirewallRules: [{E1528A64-E3E4-4BCD-99C6-871CD515E188}] => (Allow) C:\Program Files (x86)\Microsoft Office 2010\Office14\ONENOTE.EXE
FirewallRules: [{EB492823-3CC2-4368-9378-36C6EB5EF493}] => (Allow) C:\Program Files (x86)\Microsoft Office 2010\Office14\ONENOTE.EXE
FirewallRules: [{1B6AA180-9699-47B0-BA37-70BA34AACCFF}] => (Allow) LPort=51001
FirewallRules: [TCP Query User{41FD8757-030E-4F64-8047-CDD875A2FDE0}C:\program files (x86)\freetorrentviewer\freetorrentviewer.exe] => (Block) C:\program files (x86)\freetorrentviewer\freetorrentviewer.exe
FirewallRules: [UDP Query User{58675FBD-077F-402B-99FC-D802347E1522}C:\program files (x86)\freetorrentviewer\freetorrentviewer.exe] => (Block) C:\program files (x86)\freetorrentviewer\freetorrentviewer.exe
FirewallRules: [{5EA860B8-8949-4203-B836-85008B466A5D}] => (Allow) E:\Downloads Pro-gramme\digui_digui_kursbuch_curs_de_catalÀ_per_a_estrangers_downloader.exe
FirewallRules: [{CB247EB6-BAEF-4C46-ABE5-DD95BB30F0E3}] => (Allow) E:\Downloads Pro-gramme\digui_digui_kursbuch_curs_de_catalÀ_per_a_estrangers_downloader.exe
FirewallRules: [{2D27F636-326F-495E-BA2F-B4500184EA0F}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{1E896B55-D95A-4386-A2DF-126F9DEB7201}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{F0BABEEC-6746-4BEE-8C6C-3EF2E005C66B}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [{09C09B6E-B5F1-407D-AFE5-330E86ED487E}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [{7BE485B9-FFF2-4F16-88BD-BB0B6A449EFB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{882C2B4F-4372-4F67-B8E9-617FCEA6923A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4A35EFA2-B961-4DB4-9FCD-513AD5DFB704}] => (Allow) E:\Programme\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{4A36B407-C5FB-4BC7-A6A6-F84DCDDE3DCC}] => (Allow) E:\Programme\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{DAC5956E-FAF6-466A-BC3F-CF0AF72A68DE}] => (Allow) E:\Programme\RealTimes\RPDS\Bin\rpdsvc.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (10/29/2015 10:13:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND Target-Instance.LoadPercentage > 990x80041003
Error: (10/29/2015 12:08:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND Target-Instance.LoadPercentage > 990x80041003
Error: (10/28/2015 11:02:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 41.0.2.5765 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 618
Startzeit: 01d111c753c27a31
Endzeit: 31
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: 8699db60-7dbf-11e5-81a0-002522ce01c6
Error: (10/28/2015 10:08:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND Target-Instance.LoadPercentage > 990x80041003
Error: (10/28/2015 09:03:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 41.0.2.5765, Zeitstempel: 0x561ef9f1
Name des fehlerhaften Moduls: mozglue.dll, Version: 41.0.2.5765, Zeitstempel: 0x561ee53f
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ec91
ID des fehlerhaften Prozesses: 0x840
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (10/28/2015 07:25:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND Target-Instance.LoadPercentage > 990x80041003
Error: (10/28/2015 11:14:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 41.0.2.5765, Zeitstempel: 0x561ef9f1
Name des fehlerhaften Moduls: mozglue.dll, Version: 41.0.2.5765, Zeitstempel: 0x561ee53f
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ec91
ID des fehlerhaften Prozesses: 0x17a4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (10/28/2015 09:12:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND Target-Instance.LoadPercentage > 990x80041003
Error: (10/27/2015 10:10:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: downloader2.exe, Version: 18.0.2.60, Zeitstempel: 0x55b6eb8c
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0xacc
Startzeit der fehlerhaften Anwendung: 0xdownloader2.exe0
Pfad der fehlerhaften Anwendung: downloader2.exe1
Pfad des fehlerhaften Moduls: downloader2.exe2
Berichtskennung: downloader2.exe3
Error: (10/27/2015 09:43:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND Target-Instance.LoadPercentage > 990x80041003
Systemfehler:
=============
Error: (10/28/2015 11:01:42 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {49F171DD-B51A-40D3-9A6C-52D674CC729D}
Error: (10/28/2015 10:07:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "RealTimes Desktop Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/28/2015 10:07:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde un-erwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnah-men werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/28/2015 10:07:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dragon Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/28/2015 10:07:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "RealPlayer Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/28/2015 10:07:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/28/2015 10:07:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/28/2015 10:07:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Milli-sekunden durchgeführt: Neustart des Diensts.
Error: (10/28/2015 10:07:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/28/2015 10:07:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Creative Audio Service" wurde unerwartet beendet. Dies ist be-reits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2014-05-12 11:10:53.249
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Da-teihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-05-12 11:10:53.156
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Da-teihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Celeron(R) CPU G530 @ 2.40GHz
Prozentuale Nutzung des RAM: 46%
Installierter physikalischer RAM: 3816.75 MB
Verfügbarer physikalischer RAM: 2054.7 MB
Summe virtueller Speicher: 5814.95 MB
Verfügbarer virtueller Speicher: 3960.07 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:59.53 GB) (Free:11.83 GB) NTFS
Drive d: (VEUS 2) (CDROM) (Total:0.19 GB) (Free:0 GB) CDFS
Drive e: (Volume) (Fixed) (Total:931.51 GB) (Free:625.79 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 59.6 GB) (Disk ID: 5B478C15)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=59.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 36DE7CD4)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Gmer.txt Code:
ATTFilter GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-10-29 10:59:32
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 M4-CT064M4SSD2 rev.0309 59,63GB
Running: Gmer-19357.exe; Driver: C:\Users\***\AppData\Local\Temp\pxldapow.sys
---- User code sections - GMER 2.1 ----
.text E:\Programme\WinPatrol\WinPatrol.exe[1780] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075581401 2 bytes JMP 755eb21b C:\Windows\syswow64\kernel32.dll
.text E:\Programme\WinPatrol\WinPatrol.exe[1780] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075581419 2 bytes JMP 755eb346 C:\Windows\syswow64\kernel32.dll
.text E:\Programme\WinPatrol\WinPatrol.exe[1780] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075581431 2 bytes JMP 75668fd1 C:\Windows\syswow64\kernel32.dll
.text E:\Programme\WinPatrol\WinPatrol.exe[1780] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007558144a 2 bytes CALL 755c489d C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text E:\Programme\WinPatrol\WinPatrol.exe[1780] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000755814dd 2 bytes JMP 756688c4 C:\Windows\syswow64\kernel32.dll
.text E:\Programme\WinPatrol\WinPatrol.exe[1780] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000755814f5 2 bytes JMP 75668aa0 C:\Windows\syswow64\kernel32.dll
.text E:\Programme\WinPatrol\WinPatrol.exe[1780] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007558150d 2 bytes JMP 756687ba C:\Windows\syswow64\kernel32.dll
.text E:\Programme\WinPatrol\WinPatrol.exe[1780] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075581525 2 bytes JMP 75668b8a C:\Windows\syswow64\kernel32.dll
.text E:\Programme\WinPatrol\WinPatrol.exe[1780] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007558153d 2 bytes JMP 755dfca8 C:\Windows\syswow64\kernel32.dll
.text E:\Programme\WinPatrol\WinPatrol.exe[1780] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075581555 2 bytes JMP 755e68ef C:\Windows\syswow64\kernel32.dll
.text E:\Programme\WinPatrol\WinPatrol.exe[1780] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007558156d 2 bytes JMP 75669089 C:\Windows\syswow64\kernel32.dll
.text E:\Programme\WinPatrol\WinPatrol.exe[1780] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075581585 2 bytes JMP 75668bea C:\Windows\syswow64\kernel32.dll
.text E:\Programme\WinPatrol\WinPatrol.exe[1780] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007558159d 2 bytes JMP 7566877e C:\Windows\syswow64\kernel32.dll
.text E:\Programme\WinPatrol\WinPatrol.exe[1780] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000755815b5 2 bytes JMP 755dfd41 C:\Windows\syswow64\kernel32.dll
.text E:\Programme\WinPatrol\WinPatrol.exe[1780] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000755815cd 2 bytes JMP 755eb2dc C:\Windows\syswow64\kernel32.dll
.text E:\Programme\WinPatrol\WinPatrol.exe[1780] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000755816b2 2 bytes JMP 75668f4c C:\Windows\syswow64\kernel32.dll
.text E:\Programme\WinPatrol\WinPatrol.exe[1780] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000755816bd 2 bytes JMP 75668713 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe[3028] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075581401 2 bytes JMP 755eb21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe[3028] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075581419 2 bytes JMP 755eb346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe[3028] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075581431 2 bytes JMP 75668fd1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe[3028] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007558144a 2 bytes CALL 755c489d C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe[3028] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000755814dd 2 bytes JMP 756688c4 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe[3028] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000755814f5 2 bytes JMP 75668aa0 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe[3028] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007558150d 2 bytes JMP 756687ba C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe[3028] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075581525 2 bytes JMP 75668b8a C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe[3028] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007558153d 2 bytes JMP 755dfca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe[3028] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075581555 2 bytes JMP 755e68ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe[3028] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007558156d 2 bytes JMP 75669089 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe[3028] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075581585 2 bytes JMP 75668bea C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe[3028] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007558159d 2 bytes JMP 7566877e C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe[3028] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000755815b5 2 bytes JMP 755dfd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe[3028] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000755815cd 2 bytes JMP 755eb2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe[3028] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000755816b2 2 bytes JMP 75668f4c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe[3028] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000755816bd 2 bytes JMP 75668713 C:\Windows\syswow64\kernel32.dll
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xEE 0x29 0x07 0x84 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xEE 0x29 0x07 0x84 ...
---- EOF - GMER 2.1 ----
Der Virenscan (avast) war negativ. Ich habe Windows 7 (64bit) und verwende Firefox. Vielen Dank im Voraus für eure Hilfe!! |
|
29.10.2015, 11:25
| #2 |
| /// the machine /// TB-Ausbilder    | Firefox stürzt fast alle 10min ab hi,
__________________Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
29.10.2015, 12:17
| #3 |
| | Firefox stürzt fast alle 10min ab Hallo,
__________________vielen Dank für deine schnelle Antwort, hier die Ergebnisse (keines der beiden Programme hat etwas gefunden): Malwarebytes (hier konnte ich das mit dem CleanUp nicht machen, da ja nichts gefunden wurde): Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2015.10.29.02
rootkit: v2015.10.28.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18059
*** :: PC [administrator]
29.10.2015 11:54:59
mbar-log-2015-10-29 (11-54-59).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 374292
Time elapsed: 9 minute(s), 58 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
TDSSKiller: Code:
ATTFilter
12:10:05.0720 0x0fd8 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
12:10:18.0787 0x0fd8 ============================================================
12:10:18.0787 0x0fd8 Current date / time: 2015/10/29 12:10:18.0787
12:10:18.0788 0x0fd8 SystemInfo:
12:10:18.0788 0x0fd8
12:10:18.0788 0x0fd8 OS Version: 6.1.7601 ServicePack: 1.0
12:10:18.0788 0x0fd8 Product type: Workstation
12:10:18.0788 0x0fd8 ComputerName: PC
12:10:18.0788 0x0fd8 UserName: ***
12:10:18.0788 0x0fd8 Windows directory: C:\Windows
12:10:18.0788 0x0fd8 System windows directory: C:\Windows
12:10:18.0788 0x0fd8 Running under WOW64
12:10:18.0788 0x0fd8 Processor architecture: Intel x64
12:10:18.0788 0x0fd8 Number of processors: 2
12:10:18.0788 0x0fd8 Page size: 0x1000
12:10:18.0788 0x0fd8 Boot type: Normal boot
12:10:18.0788 0x0fd8 ============================================================
12:10:18.0927 0x0fd8 KLMD registered as C:\Windows\system32\drivers\05939946.sys
12:10:19.0035 0x0fd8 System UUID: {1B912BF3-CF18-0B65-FBCC-69F0E3C98CCB}
12:10:19.0413 0x0fd8 Drive \Device\Harddisk0\DR0 - Size: 0xEE8156000 ( 59.63 Gb ), SectorSize: 0x200, Cylinders: 0x1E67, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:10:19.0434 0x0fd8 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:10:19.0439 0x0fd8 ============================================================
12:10:19.0439 0x0fd8 \Device\Harddisk0\DR0:
12:10:19.0439 0x0fd8 MBR partitions:
12:10:19.0439 0x0fd8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:10:19.0440 0x0fd8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x770D800
12:10:19.0440 0x0fd8 \Device\Harddisk1\DR1:
12:10:19.0443 0x0fd8 MBR partitions:
12:10:19.0443 0x0fd8 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
12:10:19.0443 0x0fd8 ============================================================
12:10:19.0444 0x0fd8 C: <-> \Device\Harddisk0\DR0\Partition2
12:10:19.0469 0x0fd8 E: <-> \Device\Harddisk1\DR1\Partition1
12:10:19.0469 0x0fd8 ============================================================
12:10:19.0469 0x0fd8 Initialize success
12:10:19.0469 0x0fd8 ============================================================
12:11:09.0701 0x0e34 ============================================================
12:11:09.0702 0x0e34 Scan started
12:11:09.0702 0x0e34 Mode: Manual; SigCheck; TDLFS;
12:11:09.0702 0x0e34 ============================================================
12:11:09.0702 0x0e34 KSN ping started
12:11:12.0440 0x0e34 KSN ping finished: true
12:11:12.0773 0x0e34 ================ Scan system memory ========================
12:11:12.0773 0x0e34 System memory - ok
12:11:12.0775 0x0e34 ================ Scan services =============================
12:11:12.0818 0x0e34 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:11:12.0878 0x0e34 1394ohci - ok
12:11:12.0896 0x0e34 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:11:12.0917 0x0e34 ACPI - ok
12:11:12.0921 0x0e34 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:11:12.0944 0x0e34 AcpiPmi - ok
12:11:12.0953 0x0e34 [ F6CEFEF46986DE02A3AE5D93AE32B5DC, 903EC5A7B40F4F6B2F3378EFFE8DF28667B88061CDF681C44F2E4FE39B62959E ] Ado-beARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:11:12.0965 0x0e34 AdobeARMservice - ok
12:11:12.0990 0x0e34 [ 8C194A201698B4B4F77D974549819D1F, 081A2496FE1CE519E48677D99A831FF1FEEB1B33C75224CF288FA52F3E0E5FF0 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:11:13.0007 0x0e34 AdobeFlashPlayerUpdateSvc - ok
12:11:13.0027 0x0e34 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
12:11:13.0052 0x0e34 adp94xx - ok
12:11:13.0066 0x0e34 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
12:11:13.0086 0x0e34 adpahci - ok
12:11:13.0094 0x0e34 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
12:11:13.0110 0x0e34 adpu320 - ok
12:11:13.0118 0x0e34 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:11:13.0134 0x0e34 AeLookupSvc - ok
12:11:13.0150 0x0e34 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
12:11:13.0178 0x0e34 AFD - ok
12:11:13.0184 0x0e34 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
12:11:13.0196 0x0e34 agp440 - ok
12:11:13.0202 0x0e34 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
12:11:13.0220 0x0e34 ALG - ok
12:11:13.0225 0x0e34 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
12:11:13.0236 0x0e34 aliide - ok
12:11:13.0240 0x0e34 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
12:11:13.0251 0x0e34 amdide - ok
12:11:13.0257 0x0e34 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
12:11:13.0271 0x0e34 AmdK8 - ok
12:11:13.0276 0x0e34 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
12:11:13.0291 0x0e34 AmdPPM - ok
12:11:13.0297 0x0e34 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:11:13.0311 0x0e34 amdsata - ok
12:11:13.0320 0x0e34 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
12:11:13.0336 0x0e34 amdsbs - ok
12:11:13.0341 0x0e34 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:11:13.0352 0x0e34 amdxata - ok
12:11:13.0357 0x0e34 [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys
12:11:13.0372 0x0e34 AppID - ok
12:11:13.0377 0x0e34 [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:11:13.0389 0x0e34 AppIDSvc - ok
12:11:13.0395 0x0e34 [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll
12:11:13.0409 0x0e34 Appinfo - ok
12:11:13.0418 0x0e34 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
12:11:13.0431 0x0e34 arc - ok
12:11:13.0438 0x0e34 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
12:11:13.0451 0x0e34 arcsas - ok
12:11:13.0465 0x0e34 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:11:13.0480 0x0e34 aspnet_state - ok
12:11:13.0485 0x0e34 [ 912A215CE180A6E7C923C662D7EC777D, 2828D6403F693B1CF4AD4F47A4C096E6B31E680665F5BBCCAA69416FFA7FF2E0 ] AsrAppCharger C:\Windows\system32\DRIVERS\AsrAppCharger.sys
12:11:13.0502 0x0e34 AsrAppCharger - ok
12:11:13.0507 0x0e34 [ B5B4C90E9F52DA8586F1E5461AD90A5D, D1EAA34E6AEB014E942D22F8CB5FB19BF1E2EADE5B5357274C001F44FDC25F05 ] aswHwid C:\Windows\system32\drivers\aswHwid.sys
12:11:13.0519 0x0e34 aswHwid - ok
12:11:13.0525 0x0e34 [ 300CB8E510855189CAD0B72FFB5590CB, EB50DC553FA8FD9DE3F60AAFED20702EAFBB1498EBD3220A39CC52A12F694246 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
12:11:13.0538 0x0e34 aswMonFlt - ok
12:11:13.0545 0x0e34 [ 6D37D8DB30D086739507C5F6E542656A, 746D9E32E729138EA19062F4E6B6C98B6833504020A296E3E2A9CD92E0FED0B9 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
12:11:13.0558 0x0e34 aswRdr - ok
12:11:13.0564 0x0e34 [ 07E32DFCA422A2920482D762D01957EC, A6502D26266D708E55EB2883897673AD3087C41D9EA0B41CD6BF6BD923EBDCB8 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
12:11:13.0576 0x0e34 aswRvrt - ok
12:11:13.0606 0x0e34 [ 3B4AC2DBFC86F7247C1FF1FAF2860530, A54A693D01C02AAE2B78BFE9B3900B5A6DD0C2C37C8FA58B14B5F57107032FF5 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
12:11:13.0647 0x0e34 aswSnx - ok
12:11:13.0664 0x0e34 [ A04F190FCD762E7BCC9BFC70563C52DB, 2BF6823F2EADBDA28DF1CCECCAC84D9FF37D3CFB66A7B402575C6B9FCFB45EB3 ] aswSP C:\Windows\system32\drivers\aswSP.sys
12:11:13.0687 0x0e34 aswSP - ok
12:11:13.0694 0x0e34 [ 6E53278ECCFFBC2ACC2A5006745ED4BB, 392170073A8933DB43CD1D64AD087F972F1971BF83BCAFE5B8FA1273C02026CE ] aswStm C:\Windows\system32\drivers\aswStm.sys
12:11:13.0710 0x0e34 aswStm - ok
12:11:13.0721 0x0e34 [ 91782404718C6352C26B3242BAC3F0F1, 84B1CDD1EBC83FAEBDCC8F67B13CA405C6CF0C518FC016603889EBE48FC91AB9 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
12:11:13.0739 0x0e34 aswVmm - ok
12:11:13.0744 0x0e34 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:11:13.0806 0x0e34 AsyncMac - ok
12:11:13.0810 0x0e34 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
12:11:13.0821 0x0e34 atapi - ok
12:11:13.0841 0x0e34 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] Audio-EndpointBuilder C:\Windows\System32\Audiosrv.dll
12:11:13.0877 0x0e34 AudioEndpointBuilder - ok
12:11:13.0898 0x0e34 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:11:13.0927 0x0e34 AudioSrv - ok
12:11:13.0943 0x0e34 [ 54236E79A44F909612391C8A2D70D512, B0DF5BCC4F90AF087D0306F8D81F90B2CAE0176813E3AA6A7D5460F7878677CD ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
12:11:13.0963 0x0e34 avast! Antivirus - ok
12:11:13.0967 0x0e34 AvastVBoxSvc - ok
12:11:13.0975 0x0e34 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:11:14.0002 0x0e34 AxInstSV - ok
12:11:14.0018 0x0e34 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
12:11:14.0044 0x0e34 b06bdrv - ok
12:11:14.0055 0x0e34 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:11:14.0076 0x0e34 b57nd60a - ok
12:11:14.0085 0x0e34 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
12:11:14.0102 0x0e34 BDESVC - ok
12:11:14.0106 0x0e34 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
12:11:14.0139 0x0e34 Beep - ok
12:11:14.0162 0x0e34 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
12:11:14.0202 0x0e34 BFE - ok
12:11:14.0229 0x0e34 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll
12:11:14.0323 0x0e34 BITS - ok
12:11:14.0329 0x0e34 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:11:14.0344 0x0e34 blbdrive - ok
12:11:14.0350 0x0e34 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:11:14.0366 0x0e34 bowser - ok
12:11:14.0370 0x0e34 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
12:11:14.0386 0x0e34 BrFiltLo - ok
12:11:14.0390 0x0e34 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
12:11:14.0405 0x0e34 BrFiltUp - ok
12:11:14.0412 0x0e34 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
12:11:14.0449 0x0e34 BridgeMP - ok
12:11:14.0457 0x0e34 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
12:11:14.0476 0x0e34 Browser - ok
12:11:14.0486 0x0e34 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:11:14.0509 0x0e34 Brserid - ok
12:11:14.0514 0x0e34 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:11:14.0530 0x0e34 BrSerWdm - ok
12:11:14.0534 0x0e34 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:11:14.0550 0x0e34 BrUsbMdm - ok
12:11:14.0554 0x0e34 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:11:14.0567 0x0e34 BrUsbSer - ok
12:11:14.0573 0x0e34 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
12:11:14.0590 0x0e34 BTHMODEM - ok
12:11:14.0597 0x0e34 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
12:11:14.0633 0x0e34 bthserv - ok
12:11:14.0636 0x0e34 catchme - ok
12:11:14.0643 0x0e34 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:11:14.0679 0x0e34 cdfs - ok
12:11:14.0687 0x0e34 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:11:14.0703 0x0e34 cdrom - ok
12:11:14.0709 0x0e34 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
12:11:14.0745 0x0e34 CertPropSvc - ok
12:11:14.0751 0x0e34 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
12:11:14.0767 0x0e34 circlass - ok
12:11:14.0780 0x0e34 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
12:11:14.0801 0x0e34 CLFS - ok
12:11:14.0808 0x0e34 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:11:14.0821 0x0e34 clr_optimization_v2.0.50727_32 - ok
12:11:14.0829 0x0e34 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:11:14.0842 0x0e34 clr_optimization_v2.0.50727_64 - ok
12:11:14.0852 0x0e34 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:11:14.0866 0x0e34 clr_optimization_v4.0.30319_32 - ok
12:11:14.0873 0x0e34 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:11:14.0890 0x0e34 clr_optimization_v4.0.30319_64 - ok
12:11:14.0895 0x0e34 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
12:11:14.0909 0x0e34 CmBatt - ok
12:11:14.0913 0x0e34 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:11:14.0924 0x0e34 cmdide - ok
12:11:14.0940 0x0e34 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
12:11:14.0970 0x0e34 CNG - ok
12:11:14.0975 0x0e34 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
12:11:14.0986 0x0e34 Compbatt - ok
12:11:14.0991 0x0e34 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
12:11:15.0007 0x0e34 CompositeBus - ok
12:11:15.0010 0x0e34 COMSysApp - ok
12:11:15.0016 0x0e34 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:11:15.0027 0x0e34 crcdisk - ok
12:11:15.0034 0x0e34 [ C8BD651E13895B93ED9EC5B4F1DF42BC, D86D6BF0BA3C09B49B3A52C86A7F3B3856A27F79EDD86A8FFA469D9A5F196E8D ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
12:11:15.0040 0x0e34 Creative ALchemy AL6 Licensing Service - detected Un-signedFile.Multi.Generic ( 1 )
12:11:17.0405 0x0e34 Detect skipped due to KSN trusted
12:11:17.0405 0x0e34 Creative ALchemy AL6 Licensing Service - ok
12:11:17.0410 0x0e34 [ C0EAD9F8AB83D41FF07303C75589C2B8, C89CAC39BCD2FA2DCC56D7EE84FF66127BCECCAE400E119FE41BF4C4D769504B ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
12:11:17.0417 0x0e34 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
12:11:19.0775 0x0e34 Detect skipped due to KSN trusted
12:11:19.0775 0x0e34 Creative Audio Engine Licensing Service - ok
12:11:19.0789 0x0e34 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:11:19.0814 0x0e34 CryptSvc - ok
12:11:19.0829 0x0e34 [ 07BA6D17E66879018B30B6C3F976EBED, 1759CE25519358A47E1B1FA02A415DB5D3F6B511AD3820D0AE8A1533B5DC83CD ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
12:11:19.0843 0x0e34 CTAudSvcService - detected UnsignedFile.Multi.Generic ( 1 )
12:11:22.0201 0x0e34 Detect skipped due to KSN trusted
12:11:22.0201 0x0e34 CTAudSvcService - ok
12:11:22.0233 0x0e34 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:11:22.0279 0x0e34 DcomLaunch - ok
12:11:22.0295 0x0e34 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
12:11:22.0342 0x0e34 defragsvc - ok
12:11:22.0342 0x0e34 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:11:22.0373 0x0e34 DfsC - ok
12:11:22.0389 0x0e34 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:11:22.0420 0x0e34 Dhcp - ok
12:11:22.0451 0x0e34 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
12:11:22.0513 0x0e34 DiagTrack - ok
12:11:22.0513 0x0e34 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
12:11:22.0545 0x0e34 discache - ok
12:11:22.0560 0x0e34 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
12:11:22.0576 0x0e34 Disk - ok
12:11:22.0576 0x0e34 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:11:22.0591 0x0e34 Dnscache - ok
12:11:22.0607 0x0e34 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
12:11:22.0654 0x0e34 dot3svc - ok
12:11:22.0654 0x0e34 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
12:11:22.0701 0x0e34 DPS - ok
12:11:22.0701 0x0e34 [ CCA30A1F8398B46431A03CF6BB0F8789, 98EB10F1021BB51A7C427FC518E63569273DC98A74F02ADC7C6A86EBFD11C093 ] DragonSvc C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
12:11:22.0716 0x0e34 DragonSvc - ok
12:11:22.0732 0x0e34 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:11:22.0747 0x0e34 drmkaud - ok
12:11:22.0779 0x0e34 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:11:22.0810 0x0e34 DXGKrnl - ok
12:11:22.0825 0x0e34 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
12:11:22.0857 0x0e34 EapHost - ok
12:11:22.0950 0x0e34 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
12:11:23.0059 0x0e34 ebdrv - ok
12:11:23.0059 0x0e34 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] EFS C:\Windows\System32\lsass.exe
12:11:23.0075 0x0e34 EFS - ok
12:11:23.0106 0x0e34 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:11:23.0137 0x0e34 ehRecvr - ok
12:11:23.0137 0x0e34 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
12:11:23.0153 0x0e34 ehSched - ok
12:11:23.0169 0x0e34 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:11:23.0200 0x0e34 elxstor - ok
12:11:23.0200 0x0e34 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:11:23.0215 0x0e34 ErrDev - ok
12:11:23.0231 0x0e34 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
12:11:23.0278 0x0e34 EventSystem - ok
12:11:23.0293 0x0e34 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
12:11:23.0340 0x0e34 exfat - ok
12:11:23.0340 0x0e34 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:11:23.0387 0x0e34 fastfat - ok
12:11:23.0403 0x0e34 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
12:11:23.0434 0x0e34 Fax - ok
12:11:23.0449 0x0e34 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
12:11:23.0465 0x0e34 fdc - ok
12:11:23.0465 0x0e34 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
12:11:23.0496 0x0e34 fdPHost - ok
12:11:23.0512 0x0e34 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
12:11:23.0543 0x0e34 FDResPub - ok
12:11:23.0543 0x0e34 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:11:23.0559 0x0e34 FileInfo - ok
12:11:23.0559 0x0e34 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:11:23.0590 0x0e34 Filetrace - ok
12:11:23.0621 0x0e34 [ F76D04F7413B07DAA029F6520B64B4E8, 3EB13C0EFE737880853FB8952381E7A57723F9472E0E4ED7CDA8A0D7DE8DC90D ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:11:23.0652 0x0e34 FLEXnet Licensing Service - detected Unsigned-File.Multi.Generic ( 1 )
12:11:26.0055 0x0e34 Detect skipped due to KSN trusted
12:11:26.0055 0x0e34 FLEXnet Licensing Service - ok
12:11:26.0070 0x0e34 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
12:11:26.0086 0x0e34 flpydisk - ok
12:11:26.0101 0x0e34 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:11:26.0117 0x0e34 FltMgr - ok
12:11:26.0133 0x0e34 [ FE95AE537B41A7E2F4CFE353064DC4AF, 1C354CAF4A8FB599BD252133C4C3845624C6F9B692E3F4C68573486FE8236EB3 ] FNETTBOH_305 C:\Windows\system32\drivers\FNETTBOH_305.SYS
12:11:26.0133 0x0e34 FNETTBOH_305 - ok
12:11:26.0148 0x0e34 [ 7C3C4B4C951EC1BDFD4F769D05E2CC68, 7B9DA195D3CF0E7BE6BB532CC5D058BC6658B7538B5C5CF09B1A4ABEF1ECACB4 ] FNETURPX C:\Windows\system32\drivers\FNETURPX.SYS
12:11:26.0148 0x0e34 FNETURPX - ok
12:11:26.0179 0x0e34 [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache C:\Windows\system32\FntCache.dll
12:11:26.0242 0x0e34 FontCache - ok
12:11:26.0242 0x0e34 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:11:26.0257 0x0e34 FontCache3.0.0.0 - ok
12:11:26.0257 0x0e34 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:11:26.0273 0x0e34 FsDepends - ok
12:11:26.0273 0x0e34 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:11:26.0289 0x0e34 Fs_Rec - ok
12:11:26.0304 0x0e34 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:11:26.0320 0x0e34 fvevol - ok
12:11:26.0320 0x0e34 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:11:26.0335 0x0e34 gagp30kx - ok
12:11:26.0351 0x0e34 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
12:11:26.0413 0x0e34 gpsvc - ok
12:11:26.0429 0x0e34 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:11:26.0429 0x0e34 gupdate - ok
12:11:26.0445 0x0e34 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:11:26.0460 0x0e34 gupdatem - ok
12:11:26.0460 0x0e34 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:11:26.0476 0x0e34 hcw85cir - ok
12:11:26.0491 0x0e34 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:11:26.0507 0x0e34 HdAudAddService - ok
12:11:26.0523 0x0e34 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:11:26.0538 0x0e34 HDAudBus - ok
12:11:26.0538 0x0e34 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
12:11:26.0554 0x0e34 HidBatt - ok
12:11:26.0569 0x0e34 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:11:26.0585 0x0e34 HidBth - ok
12:11:26.0585 0x0e34 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
12:11:26.0601 0x0e34 HidIr - ok
12:11:26.0616 0x0e34 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
12:11:26.0647 0x0e34 hidserv - ok
12:11:26.0647 0x0e34 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:11:26.0663 0x0e34 HidUsb - ok
12:11:26.0663 0x0e34 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:11:26.0710 0x0e34 hkmsvc - ok
12:11:26.0710 0x0e34 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] Home-GroupListener C:\Windows\system32\ListSvc.dll
12:11:26.0741 0x0e34 HomeGroupListener - ok
12:11:26.0757 0x0e34 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:11:26.0772 0x0e34 HomeGroupProvider - ok
12:11:26.0772 0x0e34 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:11:26.0788 0x0e34 HpSAMD - ok
12:11:26.0819 0x0e34 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:11:26.0850 0x0e34 HTTP - ok
12:11:26.0850 0x0e34 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:11:26.0866 0x0e34 hwpolicy - ok
12:11:26.0866 0x0e34 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:11:26.0881 0x0e34 i8042prt - ok
12:11:26.0897 0x0e34 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:11:26.0928 0x0e34 iaStorV - ok
12:11:26.0928 0x0e34 [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
12:11:26.0928 0x0e34 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
12:11:29.0331 0x0e34 Detect skipped due to KSN trusted
12:11:29.0331 0x0e34 IDriverT - ok
12:11:29.0362 0x0e34 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Founda-tion\infocard.exe
12:11:29.0409 0x0e34 idsvc - ok
12:11:29.0409 0x0e34 IEEtwCollectorService - ok
12:11:29.0721 0x0e34 [ EFE5A0AF39A8E179624117C521F1E012, 185BB1106E42256A6E7C63B09737A7059DD14DEA7C1D85ADF66C50D63CFDA556 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
12:11:30.0126 0x0e34 igfx - ok
12:11:30.0142 0x0e34 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:11:30.0157 0x0e34 iirsp - ok
12:11:30.0189 0x0e34 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
12:11:30.0220 0x0e34 IKEEXT - ok
12:11:30.0235 0x0e34 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
12:11:30.0251 0x0e34 IntcDAud - ok
12:11:30.0267 0x0e34 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
12:11:30.0267 0x0e34 intelide - ok
12:11:30.0282 0x0e34 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:11:30.0298 0x0e34 intelppm - ok
12:11:30.0298 0x0e34 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:11:30.0329 0x0e34 IPBusEnum - ok
12:11:30.0345 0x0e34 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:11:30.0376 0x0e34 IpFilterDriver - ok
12:11:30.0391 0x0e34 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:11:30.0423 0x0e34 iphlpsvc - ok
12:11:30.0423 0x0e34 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:11:30.0438 0x0e34 IPMIDRV - ok
12:11:30.0454 0x0e34 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:11:30.0485 0x0e34 IPNAT - ok
12:11:30.0501 0x0e34 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:11:30.0516 0x0e34 IRENUM - ok
12:11:30.0516 0x0e34 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:11:30.0532 0x0e34 isapnp - ok
12:11:30.0532 0x0e34 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:11:30.0563 0x0e34 iScsiPrt - ok
12:11:30.0563 0x0e34 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:11:30.0579 0x0e34 kbdclass - ok
12:11:30.0579 0x0e34 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:11:30.0594 0x0e34 kbdhid - ok
12:11:30.0594 0x0e34 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] KeyIso C:\Windows\system32\lsass.exe
12:11:30.0610 0x0e34 KeyIso - ok
12:11:30.0610 0x0e34 [ 3A8C03156C3E31E70EF84E48CA179B46, E25E43D53BB6EE1B5F34C95B4FAD111B37A36367B8D047B10FC614DEE13658E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:11:30.0625 0x0e34 KSecDD - ok
12:11:30.0641 0x0e34 [ C6330F7C2E92A00E6773E82F79078AFC, D8B851BF4FCE85F2A269F0B46BC7EC5A118FCFDACE8460E7B54C1A7CE306774A ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:11:30.0657 0x0e34 KSecPkg - ok
12:11:30.0657 0x0e34 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:11:30.0688 0x0e34 ksthunk - ok
12:11:30.0703 0x0e34 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
12:11:30.0750 0x0e34 KtmRm - ok
12:11:30.0766 0x0e34 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
12:11:30.0797 0x0e34 LanmanServer - ok
12:11:30.0813 0x0e34 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:11:30.0844 0x0e34 LanmanWorkstation - ok
12:11:30.0859 0x0e34 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:11:30.0891 0x0e34 lltdio - ok
12:11:30.0906 0x0e34 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:11:30.0937 0x0e34 lltdsvc - ok
12:11:30.0953 0x0e34 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:11:30.0984 0x0e34 lmhosts - ok
12:11:31.0000 0x0e34 [ 98B16E756243BEA9410E32025B19C06F, C4F8663FF4C2F1123CC92D88004090AD06ED12FCD07706AE168333A33B269A53 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:11:31.0015 0x0e34 LMS - ok
12:11:31.0015 0x0e34 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:11:31.0031 0x0e34 LSI_FC - ok
12:11:31.0047 0x0e34 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:11:31.0062 0x0e34 LSI_SAS - ok
12:11:31.0062 0x0e34 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
12:11:31.0078 0x0e34 LSI_SAS2 - ok
12:11:31.0078 0x0e34 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:11:31.0093 0x0e34 LSI_SCSI - ok
12:11:31.0109 0x0e34 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
12:11:31.0140 0x0e34 luafv - ok
12:11:31.0140 0x0e34 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:11:31.0156 0x0e34 Mcx2Svc - ok
12:11:31.0156 0x0e34 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
12:11:31.0171 0x0e34 megasas - ok
12:11:31.0187 0x0e34 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
12:11:31.0203 0x0e34 MegaSR - ok
12:11:31.0203 0x0e34 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
12:11:31.0218 0x0e34 MEIx64 - ok
12:11:31.0234 0x0e34 Microsoft SharePoint Workspace Audit Service - ok
12:11:31.0234 0x0e34 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
12:11:31.0265 0x0e34 MMCSS - ok
12:11:31.0281 0x0e34 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
12:11:31.0312 0x0e34 Modem - ok
12:11:31.0312 0x0e34 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:11:31.0327 0x0e34 monitor - ok
12:11:31.0327 0x0e34 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:11:31.0343 0x0e34 mouclass - ok
12:11:31.0343 0x0e34 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:11:31.0359 0x0e34 mouhid - ok
12:11:31.0374 0x0e34 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:11:31.0374 0x0e34 mountmgr - ok
12:11:31.0390 0x0e34 [ C34AB4280614658903BE848CE79ACDB5, 9A943D9B3CF941DAE4EA4E2771B5EC5DA37AB16AD43095EF092B4259D62FF810 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Servi-ce\maintenanceservice.exe
12:11:31.0405 0x0e34 MozillaMaintenance - ok
12:11:31.0405 0x0e34 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
12:11:31.0421 0x0e34 mpio - ok
12:11:31.0437 0x0e34 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:11:31.0468 0x0e34 mpsdrv - ok
12:11:31.0483 0x0e34 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:11:31.0546 0x0e34 MpsSvc - ok
12:11:31.0561 0x0e34 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:11:31.0577 0x0e34 MRxDAV - ok
12:11:31.0577 0x0e34 [ ACB6782973BD93760D597FC7BB37E692, 9B6EC2858D236DCE61FD5E0247F4D947A5DC484C9C0AABFDAF8270ABA392E787 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:11:31.0608 0x0e34 mrxsmb - ok
12:11:31.0608 0x0e34 [ 262BF7BB7D0E44CFAA9B12A1E0A6EDF1, CCC3A4CE929C7C8B07C1038BBE8425590CE14F5C37E1D5608978A3AD2F41519C ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:11:31.0639 0x0e34 mrxsmb10 - ok
12:11:31.0639 0x0e34 [ 8C0376974AA28398FF501E78C04ACB30, 81CE67BE933F67F760A72BF9B581F33BC151D98970765FE4425450A2EF450409 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:11:31.0655 0x0e34 mrxsmb20 - ok
12:11:31.0655 0x0e34 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
12:11:31.0671 0x0e34 msahci - ok
12:11:31.0686 0x0e34 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:11:31.0702 0x0e34 msdsm - ok
12:11:31.0702 0x0e34 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
12:11:31.0717 0x0e34 MSDTC - ok
12:11:31.0733 0x0e34 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:11:31.0764 0x0e34 Msfs - ok
12:11:31.0764 0x0e34 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:11:31.0795 0x0e34 mshidkmdf - ok
12:11:31.0811 0x0e34 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:11:31.0811 0x0e34 msisadrv - ok
12:11:31.0827 0x0e34 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:11:31.0858 0x0e34 MSiSCSI - ok
12:11:31.0873 0x0e34 msiserver - ok
12:11:31.0873 0x0e34 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:11:31.0905 0x0e34 MSKSSRV - ok
12:11:31.0905 0x0e34 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:11:31.0951 0x0e34 MSPCLOCK - ok
12:11:31.0951 0x0e34 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:11:31.0983 0x0e34 MSPQM - ok
12:11:31.0998 0x0e34 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:11:32.0014 0x0e34 MsRPC - ok
12:11:32.0029 0x0e34 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:11:32.0029 0x0e34 mssmbios - ok
12:11:32.0045 0x0e34 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:11:32.0076 0x0e34 MSTEE - ok
12:11:32.0076 0x0e34 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
12:11:32.0092 0x0e34 MTConfig - ok
12:11:32.0092 0x0e34 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
12:11:32.0107 0x0e34 Mup - ok
12:11:32.0123 0x0e34 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
12:11:32.0170 0x0e34 napagent - ok
12:11:32.0185 0x0e34 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:11:32.0217 0x0e34 NativeWifiP - ok
12:11:32.0232 0x0e34 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
12:11:32.0279 0x0e34 NDIS - ok
12:11:32.0279 0x0e34 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:11:32.0310 0x0e34 NdisCap - ok
12:11:32.0326 0x0e34 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:11:32.0357 0x0e34 NdisTapi - ok
12:11:32.0357 0x0e34 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:11:32.0388 0x0e34 Ndisuio - ok
12:11:32.0404 0x0e34 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:11:32.0435 0x0e34 NdisWan - ok
12:11:32.0451 0x0e34 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:11:32.0482 0x0e34 NDProxy - ok
12:11:32.0482 0x0e34 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:11:32.0513 0x0e34 NetBIOS - ok
12:11:32.0529 0x0e34 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:11:32.0560 0x0e34 NetBT - ok
12:11:32.0575 0x0e34 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] Netlogon C:\Windows\system32\lsass.exe
12:11:32.0591 0x0e34 Netlogon - ok
12:11:32.0591 0x0e34 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
12:11:32.0638 0x0e34 Netman - ok
12:11:32.0653 0x0e34 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:11:32.0669 0x0e34 NetMsmqActivator - ok
12:11:32.0669 0x0e34 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:11:32.0685 0x0e34 NetPipeActivator - ok
12:11:32.0700 0x0e34 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
12:11:32.0747 0x0e34 netprofm - ok
12:11:32.0763 0x0e34 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:11:32.0778 0x0e34 NetTcpActivator - ok
12:11:32.0778 0x0e34 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcp-PortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:11:32.0794 0x0e34 NetTcpPortSharing - ok
12:11:32.0809 0x0e34 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:11:32.0809 0x0e34 nfrd960 - ok
12:11:32.0825 0x0e34 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
12:11:32.0856 0x0e34 NlaSvc - ok
12:11:32.0856 0x0e34 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:11:32.0887 0x0e34 Npfs - ok
12:11:32.0903 0x0e34 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
12:11:32.0934 0x0e34 nsi - ok
12:11:32.0934 0x0e34 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:11:32.0965 0x0e34 nsiproxy - ok
12:11:33.0012 0x0e34 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:11:33.0075 0x0e34 Ntfs - ok
12:11:33.0090 0x0e34 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
12:11:33.0121 0x0e34 Null - ok
12:11:33.0121 0x0e34 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:11:33.0137 0x0e34 nvraid - ok
12:11:33.0153 0x0e34 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:11:33.0168 0x0e34 nvstor - ok
12:11:33.0168 0x0e34 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:11:33.0184 0x0e34 nv_agp - ok
12:11:33.0199 0x0e34 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:11:33.0215 0x0e34 ohci1394 - ok
12:11:33.0215 0x0e34 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:11:33.0231 0x0e34 ose - ok
12:11:33.0355 0x0e34 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:11:33.0480 0x0e34 osppsvc - ok
12:11:33.0511 0x0e34 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:11:33.0527 0x0e34 p2pimsvc - ok
12:11:33.0543 0x0e34 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
12:11:33.0574 0x0e34 p2psvc - ok
12:11:33.0574 0x0e34 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
12:11:33.0589 0x0e34 Parport - ok
12:11:33.0605 0x0e34 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:11:33.0621 0x0e34 partmgr - ok
12:11:33.0621 0x0e34 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:11:33.0636 0x0e34 PcaSvc - ok
12:11:33.0652 0x0e34 [ 3FDE033DFB0D07F8B7D5C9A3044AA121, 2C23B4FA34BA3060884B0168A830DD395A3853855CD6DF4065FBB303DFB4A87E ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
12:11:33.0667 0x0e34 pccsmcfd - ok
12:11:33.0667 0x0e34 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
12:11:33.0683 0x0e34 pci - ok
12:11:33.0683 0x0e34 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
12:11:33.0699 0x0e34 pciide - ok
12:11:33.0714 0x0e34 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:11:33.0730 0x0e34 pcmcia - ok
12:11:33.0730 0x0e34 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
12:11:33.0745 0x0e34 pcw - ok
12:11:33.0761 0x0e34 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:11:33.0792 0x0e34 PEAUTH - ok
12:11:33.0823 0x0e34 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:11:33.0839 0x0e34 PerfHost - ok
12:11:33.0870 0x0e34 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
12:11:33.0948 0x0e34 pla - ok
12:11:33.0964 0x0e34 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:11:33.0995 0x0e34 PlugPlay - ok
12:11:33.0995 0x0e34 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:11:34.0011 0x0e34 PNRPAutoReg - ok
12:11:34.0026 0x0e34 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:11:34.0042 0x0e34 PNRPsvc - ok
12:11:34.0073 0x0e34 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:11:34.0120 0x0e34 PolicyAgent - ok
12:11:34.0120 0x0e34 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
12:11:34.0167 0x0e34 Power - ok
12:11:34.0167 0x0e34 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:11:34.0214 0x0e34 PptpMiniport - ok
12:11:34.0214 0x0e34 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
12:11:34.0229 0x0e34 Processor - ok
12:11:34.0245 0x0e34 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
12:11:34.0260 0x0e34 ProfSvc - ok
12:11:34.0260 0x0e34 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:11:34.0276 0x0e34 ProtectedStorage - ok
12:11:34.0276 0x0e34 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:11:34.0323 0x0e34 Psched - ok
12:11:34.0354 0x0e34 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:11:34.0416 0x0e34 ql2300 - ok
12:11:34.0432 0x0e34 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:11:34.0432 0x0e34 ql40xx - ok
12:11:34.0448 0x0e34 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
12:11:34.0479 0x0e34 QWAVE - ok
12:11:34.0479 0x0e34 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:11:34.0494 0x0e34 QWAVEdrv - ok
12:11:34.0510 0x0e34 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:11:34.0541 0x0e34 RasAcd - ok
12:11:34.0541 0x0e34 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:11:34.0588 0x0e34 RasAgileVpn - ok
12:11:34.0588 0x0e34 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
12:11:34.0619 0x0e34 RasAuto - ok
12:11:34.0635 0x0e34 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:11:34.0666 0x0e34 Rasl2tp - ok
12:11:34.0682 0x0e34 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
12:11:34.0728 0x0e34 RasMan - ok
12:11:34.0728 0x0e34 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:11:34.0775 0x0e34 RasPppoe - ok
12:11:34.0775 0x0e34 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:11:34.0806 0x0e34 RasSstp - ok
12:11:34.0822 0x0e34 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:11:34.0869 0x0e34 rdbss - ok
12:11:34.0869 0x0e34 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
12:11:34.0884 0x0e34 rdpbus - ok
12:11:34.0884 0x0e34 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:11:34.0931 0x0e34 RDPCDD - ok
12:11:34.0931 0x0e34 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:11:34.0962 0x0e34 RDPENCDD - ok
12:11:34.0962 0x0e34 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:11:35.0009 0x0e34 RDPREFMP - ok
12:11:35.0009 0x0e34 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:11:35.0025 0x0e34 RDPWD - ok
12:11:35.0040 0x0e34 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:11:35.0056 0x0e34 rdyboost - ok
12:11:35.0056 0x0e34 [ ED5F5504A99E92211B753E1815A34CBC, FA4FE98D4E843105D80F83A568E2A824B3CE351DDDE4D8B28ED2909BCBDE7A93 ] RealPlayerUpdateSvc C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
12:11:35.0072 0x0e34 RealPlayerUpdateSvc - ok
12:11:35.0228 0x0e34 [ AF610CC6600953A3C236FDF41D322893, FF97727319CB6A1C79C18808F6E7AA6570A163067AE10D07190507A174A4CF10 ] RealTimes Desktop Service E:\Programme\RealTimes\RPDS\Bin\rpdsvc.exe
12:11:35.0259 0x0e34 RealTimes Desktop Service - ok
12:11:35.0274 0x0e34 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:11:35.0306 0x0e34 RemoteAccess - ok
12:11:35.0321 0x0e34 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:11:35.0352 0x0e34 RemoteRegistry - ok
12:11:35.0368 0x0e34 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:11:35.0399 0x0e34 RpcEptMapper - ok
12:11:35.0415 0x0e34 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
12:11:35.0430 0x0e34 RpcLocator - ok
12:11:35.0462 0x0e34 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
12:11:35.0508 0x0e34 RpcSs - ok
12:11:35.0524 0x0e34 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:11:35.0555 0x0e34 rspndr - ok
12:11:35.0586 0x0e34 [ ED5873F7DFB2F96D37F13322211B6BDC, 26CAE8FD1CFDB568D6A881CDE973F9929013EB0403347E5D19CABAA215012381 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
12:11:35.0633 0x0e34 RTL8167 - ok
12:11:35.0633 0x0e34 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] SamSs C:\Windows\system32\lsass.exe
12:11:35.0649 0x0e34 SamSs - ok
12:11:35.0664 0x0e34 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:11:35.0680 0x0e34 sbp2port - ok
12:11:35.0696 0x0e34 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:11:35.0742 0x0e34 SCardSvr - ok
12:11:35.0742 0x0e34 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:11:35.0774 0x0e34 scfilter - ok
12:11:35.0836 0x0e34 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
12:11:35.0914 0x0e34 Schedule - ok
12:11:35.0914 0x0e34 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:11:35.0945 0x0e34 SCPolicySvc - ok
12:11:35.0961 0x0e34 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:11:36.0008 0x0e34 SDRSVC - ok
12:11:36.0008 0x0e34 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:11:36.0054 0x0e34 secdrv - ok
12:11:36.0054 0x0e34 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
12:11:36.0101 0x0e34 seclogon - ok
12:11:36.0101 0x0e34 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
12:11:36.0148 0x0e34 SENS - ok
12:11:36.0148 0x0e34 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:11:36.0164 0x0e34 SensrSvc - ok
12:11:36.0164 0x0e34 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:11:36.0179 0x0e34 Serenum - ok
12:11:36.0195 0x0e34 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:11:36.0210 0x0e34 Serial - ok
12:11:36.0210 0x0e34 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:11:36.0226 0x0e34 sermouse - ok
12:11:36.0242 0x0e34 [ 78F7BB9F4924BE164294C59B8C3FC096, 75051A6A8B0DBB16CD70855A408134270EEAF0C127BAAE5B592DB53BB87C085B ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
12:11:36.0273 0x0e34 ServiceLayer - ok
12:11:36.0288 0x0e34 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
12:11:36.0320 0x0e34 SessionEnv - ok
12:11:36.0335 0x0e34 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:11:36.0351 0x0e34 sffdisk - ok
12:11:36.0351 0x0e34 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:11:36.0366 0x0e34 sffp_mmc - ok
12:11:36.0366 0x0e34 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:11:36.0382 0x0e34 sffp_sd - ok
12:11:36.0382 0x0e34 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:11:36.0398 0x0e34 sfloppy - ok
12:11:36.0413 0x0e34 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:11:36.0460 0x0e34 SharedAccess - ok
12:11:36.0476 0x0e34 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:11:36.0522 0x0e34 ShellHWDetection - ok
12:11:36.0522 0x0e34 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
12:11:36.0538 0x0e34 SiSRaid2 - ok
12:11:36.0538 0x0e34 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:11:36.0554 0x0e34 SiSRaid4 - ok
12:11:36.0569 0x0e34 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:11:36.0585 0x0e34 SkypeUpdate - ok
12:11:36.0600 0x0e34 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:11:36.0632 0x0e34 Smb - ok
12:11:36.0647 0x0e34 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:11:36.0663 0x0e34 SNMPTRAP - ok
12:11:36.0663 0x0e34 [ FFC5F7ED77AA59AA0A6B70F3D7A22A93, F0EF3A1A8C74CDD9EE0EF585F0489385573D764DE75E14FA8ADFEA05112935DA ] Sound Blaster X-Fi MB Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
12:11:36.0663 0x0e34 Sound Blaster X-Fi MB Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
12:11:39.0081 0x0e34 Detect skipped due to KSN trusted
12:11:39.0081 0x0e34 Sound Blaster X-Fi MB Licensing Service - ok
12:11:39.0096 0x0e34 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
12:11:39.0112 0x0e34 spldr - ok
12:11:39.0128 0x0e34 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
12:11:39.0159 0x0e34 Spooler - ok
12:11:39.0252 0x0e34 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
12:11:39.0393 0x0e34 sppsvc - ok
12:11:39.0393 0x0e34 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:11:39.0440 0x0e34 sppuinotify - ok
12:11:39.0440 0x0e34 sptd - ok
12:11:39.0455 0x0e34 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:11:39.0486 0x0e34 srv - ok
12:11:39.0502 0x0e34 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:11:39.0518 0x0e34 srv2 - ok
12:11:39.0533 0x0e34 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:11:39.0549 0x0e34 srvnet - ok
12:11:39.0564 0x0e34 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:11:39.0611 0x0e34 SSDPSRV - ok
12:11:39.0611 0x0e34 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:11:39.0658 0x0e34 SstpSvc - ok
12:11:39.0658 0x0e34 [ EF806D212D34B0E173BAEB3564D53E37, 6EF229A7B7AFF0268CDF47B77F961BD44335C3B35499BB00CBA494A22B2BA39E ] ss_bbus C:\Windows\system32\DRIVERS\ss_bbus.sys
12:11:39.0674 0x0e34 ss_bbus - ok
12:11:39.0674 0x0e34 [ 08B1B34ABEBEB6AC2DEA06900C56411E, 928EF9B9F194DB07049BA2D7127756B021C2729F562E54F7FECD0F2B2FF5A209 ] ss_bmdfl C:\Windows\system32\DRIVERS\ss_bmdfl.sys
12:11:39.0689 0x0e34 ss_bmdfl - ok
12:11:39.0689 0x0e34 [ 71A9DA6BEAA4CB54DFB827FB78600A5D, 6393CA17CF6A6F30447FF599B2D27CAB44BA1A709D986AC5E14463303094BE5F ] ss_bmdm C:\Windows\system32\DRIVERS\ss_bmdm.sys
12:11:39.0705 0x0e34 ss_bmdm - ok
12:11:39.0720 0x0e34 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
12:11:39.0720 0x0e34 stexstor - ok
12:11:39.0752 0x0e34 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
12:11:39.0783 0x0e34 stisvc - ok
12:11:39.0783 0x0e34 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:11:39.0798 0x0e34 swenum - ok
12:11:39.0814 0x0e34 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
12:11:39.0861 0x0e34 swprv - ok
12:11:39.0908 0x0e34 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
12:11:39.0986 0x0e34 SysMain - ok
12:11:39.0986 0x0e34 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:11:40.0017 0x0e34 TabletInputService - ok
12:11:40.0032 0x0e34 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
12:11:40.0079 0x0e34 TapiSrv - ok
12:11:40.0079 0x0e34 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
12:11:40.0110 0x0e34 TBS - ok
12:11:40.0173 0x0e34 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:11:40.0235 0x0e34 Tcpip - ok
12:11:40.0282 0x0e34 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:11:40.0344 0x0e34 TCPIP6 - ok
12:11:40.0360 0x0e34 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:11:40.0376 0x0e34 tcpipreg - ok
12:11:40.0376 0x0e34 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:11:40.0391 0x0e34 TDPIPE - ok
12:11:40.0391 0x0e34 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:11:40.0407 0x0e34 TDTCP - ok
12:11:40.0407 0x0e34 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:11:40.0422 0x0e34 tdx - ok
12:11:40.0438 0x0e34 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:11:40.0454 0x0e34 TermDD - ok
12:11:40.0469 0x0e34 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
12:11:40.0500 0x0e34 TermService - ok
12:11:40.0516 0x0e34 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
12:11:40.0532 0x0e34 Themes - ok
12:11:40.0547 0x0e34 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
12:11:40.0578 0x0e34 THREADORDER - ok
12:11:40.0578 0x0e34 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
12:11:40.0625 0x0e34 TrkWks - ok
12:11:40.0625 0x0e34 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:11:40.0672 0x0e34 TrustedInstaller - ok
12:11:40.0672 0x0e34 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:11:40.0688 0x0e34 tssecsrv - ok
12:11:40.0688 0x0e34 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:11:40.0703 0x0e34 TsUsbFlt - ok
12:11:40.0719 0x0e34 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
12:11:40.0719 0x0e34 TsUsbGD - ok
12:11:40.0734 0x0e34 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:11:40.0766 0x0e34 tunnel - ok
12:11:40.0781 0x0e34 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:11:40.0781 0x0e34 uagp35 - ok
12:11:40.0797 0x0e34 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:11:40.0844 0x0e34 udfs - ok
12:11:40.0859 0x0e34 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:11:40.0875 0x0e34 UI0Detect - ok
12:11:40.0875 0x0e34 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:11:40.0890 0x0e34 uliagpkx - ok
12:11:40.0890 0x0e34 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:11:40.0906 0x0e34 umbus - ok
12:11:40.0906 0x0e34 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
12:11:40.0922 0x0e34 UmPass - ok
12:11:41.0000 0x0e34 [ 7A78ED1088890114DFDE2C4AB038D6B6, B52357594A90A8BCF5F96FA630F52BB1274A2FE814AF0270D21C892871D076FC ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:11:41.0078 0x0e34 UNS - ok
12:11:41.0093 0x0e34 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
12:11:41.0140 0x0e34 upnphost - ok
12:11:41.0140 0x0e34 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:11:41.0156 0x0e34 usbaudio - ok
12:11:41.0156 0x0e34 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:11:41.0171 0x0e34 usbccgp - ok
12:11:41.0187 0x0e34 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:11:41.0202 0x0e34 usbcir - ok
12:11:41.0202 0x0e34 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
12:11:41.0218 0x0e34 usbehci - ok
12:11:41.0234 0x0e34 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:11:41.0249 0x0e34 usbhub - ok
12:11:41.0265 0x0e34 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:11:41.0265 0x0e34 usbohci - ok
12:11:41.0280 0x0e34 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:11:41.0296 0x0e34 usbprint - ok
12:11:41.0296 0x0e34 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\drivers\usbscan.sys
12:11:41.0312 0x0e34 usbscan - ok
12:11:41.0327 0x0e34 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:11:41.0343 0x0e34 USBSTOR - ok
12:11:41.0343 0x0e34 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:11:41.0358 0x0e34 usbuhci - ok
12:11:41.0358 0x0e34 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
12:11:41.0390 0x0e34 UxSms - ok
12:11:41.0405 0x0e34 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] VaultSvc C:\Windows\system32\lsass.exe
12:11:41.0405 0x0e34 VaultSvc - ok
12:11:41.0421 0x0e34 VBoxAswDrv - ok
12:11:41.0421 0x0e34 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:11:41.0436 0x0e34 vdrvroot - ok
12:11:41.0452 0x0e34 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
12:11:41.0514 0x0e34 vds - ok
12:11:41.0514 0x0e34 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:11:41.0530 0x0e34 vga - ok
12:11:41.0530 0x0e34 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:11:41.0577 0x0e34 VgaSave - ok
12:11:41.0577 0x0e34 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:11:41.0592 0x0e34 vhdmp - ok
12:11:41.0655 0x0e34 [ D928C90CC759499E916B8FB5B8F32DDC, 18019A85C3C4A8762DA542A1BDBD8BD19F296505D3C4A419FB8BC6060A1B697B ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
12:11:41.0733 0x0e34 VIAHdAudAddService - ok
12:11:41.0733 0x0e34 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
12:11:41.0748 0x0e34 viaide - ok
12:11:41.0748 0x0e34 [ 224153C26FABE55CD6D751BFDF94FD3B, 33785CACBC5C8C153FA61B1A43F165AD84037846AB07332E3E1EF0E39D52898F ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
12:11:41.0764 0x0e34 VIAKaraokeService - ok
12:11:41.0764 0x0e34 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:11:41.0780 0x0e34 volmgr - ok
12:11:41.0795 0x0e34 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:11:41.0811 0x0e34 volmgrx - ok
12:11:41.0826 0x0e34 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:11:41.0842 0x0e34 volsnap - ok
12:11:41.0858 0x0e34 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:11:41.0873 0x0e34 vsmraid - ok
12:11:41.0920 0x0e34 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
12:11:41.0998 0x0e34 VSS - ok
12:11:41.0998 0x0e34 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
12:11:42.0014 0x0e34 vwifibus - ok
12:11:42.0029 0x0e34 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
12:11:42.0076 0x0e34 W32Time - ok
12:11:42.0092 0x0e34 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:11:42.0092 0x0e34 WacomPen - ok
12:11:42.0107 0x0e34 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:11:42.0138 0x0e34 WANARP - ok
12:11:42.0138 0x0e34 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:11:42.0185 0x0e34 Wanarpv6 - ok
12:11:42.0216 0x0e34 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:11:42.0263 0x0e34 WatAdminSvc - ok
12:11:42.0310 0x0e34 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
12:11:42.0357 0x0e34 wbengine - ok
12:11:42.0372 0x0e34 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:11:42.0404 0x0e34 WbioSrvc - ok
12:11:42.0419 0x0e34 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:11:42.0435 0x0e34 wcncsvc - ok
12:11:42.0450 0x0e34 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:11:42.0466 0x0e34 WcsPlugInService - ok
12:11:42.0466 0x0e34 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
12:11:42.0482 0x0e34 Wd - ok
12:11:42.0497 0x0e34 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:11:42.0544 0x0e34 Wdf01000 - ok
12:11:42.0544 0x0e34 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:11:42.0560 0x0e34 WdiServiceHost - ok
12:11:42.0560 0x0e34 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSys-temHost C:\Windows\system32\wdi.dll
12:11:42.0591 0x0e34 WdiSystemHost - ok
12:11:42.0591 0x0e34 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
12:11:42.0622 0x0e34 WebClient - ok
12:11:42.0622 0x0e34 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:11:42.0669 0x0e34 Wecsvc - ok
12:11:42.0669 0x0e34 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:11:42.0716 0x0e34 wercplsupport - ok
12:11:42.0716 0x0e34 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
12:11:42.0762 0x0e34 WerSvc - ok
12:11:42.0762 0x0e34 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:11:42.0794 0x0e34 WfpLwf - ok
12:11:42.0794 0x0e34 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:11:42.0809 0x0e34 WIMMount - ok
12:11:42.0809 0x0e34 WinDefend - ok
12:11:42.0825 0x0e34 WinHttpAutoProxySvc - ok
12:11:42.0840 0x0e34 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:11:42.0872 0x0e34 Winmgmt - ok
12:11:42.0934 0x0e34 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
12:11:43.0012 0x0e34 WinRM - ok
12:11:43.0012 0x0e34 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys
12:11:43.0028 0x0e34 WinUsb - ok
12:11:43.0059 0x0e34 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:11:43.0106 0x0e34 Wlansvc - ok
12:11:43.0106 0x0e34 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:11:43.0121 0x0e34 WmiAcpi - ok
12:11:43.0137 0x0e34 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:11:43.0152 0x0e34 wmiApSrv - ok
12:11:43.0152 0x0e34 WMPNetworkSvc - ok
12:11:43.0168 0x0e34 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:11:43.0184 0x0e34 WPCSvc - ok
12:11:43.0184 0x0e34 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:11:43.0215 0x0e34 WPDBusEnum - ok
12:11:43.0215 0x0e34 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:11:43.0246 0x0e34 ws2ifsl - ok
12:11:43.0246 0x0e34 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
12:11:43.0277 0x0e34 wscsvc - ok
12:11:43.0277 0x0e34 WSearch - ok
12:11:43.0355 0x0e34 [ 291778E1A36716182AFBC1731B2DFEAB, C0B928CCCE8C496C90C42E0D294BAB51DC67C02B0D20CFB6A16B0AE1F51CC497 ] wuauserv C:\Windows\system32\wuaueng.dll
12:11:43.0433 0x0e34 wuauserv - ok
12:11:43.0449 0x0e34 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:11:43.0464 0x0e34 WudfPf - ok
12:11:43.0480 0x0e34 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\drivers\WUDFRd.sys
12:11:43.0496 0x0e34 WUDFRd - ok
12:11:43.0496 0x0e34 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:11:43.0511 0x0e34 wudfsvc - ok
12:11:43.0527 0x0e34 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
12:11:43.0542 0x0e34 WwanSvc - ok
12:11:43.0558 0x0e34 ================ Scan global ===============================
12:11:43.0558 0x0e34 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
12:11:43.0574 0x0e34 [ 4AD1C61152A0199E3D7F9A82C07AC629, A4A42C7757EB084EE368A6BC4EBAB0C47BE41B0B4119A6AECD1B8E3332A7C5D5 ] C:\Windows\system32\winsrv.dll
12:11:43.0589 0x0e34 [ 4AD1C61152A0199E3D7F9A82C07AC629, A4A42C7757EB084EE368A6BC4EBAB0C47BE41B0B4119A6AECD1B8E3332A7C5D5 ] C:\Windows\system32\winsrv.dll
12:11:43.0589 0x0e34 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:11:43.0605 0x0e34 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
12:11:43.0620 0x0e34 [ Global ] - ok
12:11:43.0620 0x0e34 ================ Scan MBR ==================================
12:11:43.0620 0x0e34 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:11:43.0730 0x0e34 \Device\Harddisk0\DR0 - ok
12:11:43.0761 0x0e34 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
12:11:43.0823 0x0e34 \Device\Harddisk1\DR1 - ok
12:11:43.0823 0x0e34 ================ Scan VBR ==================================
12:11:43.0823 0x0e34 [ 72BFC87BFCDE841EC4D7E60A902375A7 ] \Device\Harddisk0\DR0\Partition1
12:11:43.0823 0x0e34 \Device\Harddisk0\DR0\Partition1 - ok
12:11:43.0823 0x0e34 [ 764B8B2CEA12D734340E129A8B950224 ] \Device\Harddisk0\DR0\Partition2
12:11:43.0823 0x0e34 \Device\Harddisk0\DR0\Partition2 - ok
12:11:43.0839 0x0e34 [ 631BA700A5A42D6D4D68B75C04DD88F2 ] \Device\Harddisk1\DR1\Partition1
12:11:43.0886 0x0e34 \Device\Harddisk1\DR1\Partition1 - ok
12:11:43.0886 0x0e34 ================ Scan generic autorun ======================
12:11:43.0886 0x0e34 [ 43F00115C2FF39F2E1152A6AE1D85296, C6C138908A996273BA692E341072272E27366A1CCBEA393CE0C0A51AC186BFD4 ] C:\Windows\system32\igfxtray.exe
12:11:43.0917 0x0e34 IgfxTray - ok
12:11:43.0932 0x0e34 [ 77F436CF85CEC9FF73BDB418261F65F0, 66CE80AE5224881BC4AB338534F16FBA1ADBE45D4B38E9C1485DB016623A77B1 ] C:\Windows\system32\hkcmd.exe
12:11:43.0948 0x0e34 HotKeysCmds - ok
12:11:43.0964 0x0e34 [ 3636EF5F0FB848F195BEF6D217D43935, CAC2E5277EAF6FB0B59D48E1BA7FD713F5689E267341E7B6ADDACF40A8DC4C12 ] C:\Windows\system32\igfxpers.exe
12:11:43.0979 0x0e34 Persistence - ok
12:11:43.0995 0x0e34 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\RunDLL32.exe
12:11:44.0010 0x0e34 RunDLLEntry - ok
12:11:44.0010 0x0e34 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
12:11:44.0026 0x0e34 Logitech Download Assistant - ok
12:11:44.0104 0x0e34 [ FF9FD27F60849A4FE852FB8E183EA1A0, 758FD257BD7DF171501085EAE94C161800CE334627176F30171041E368791A74 ] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
12:11:44.0182 0x0e34 HDAudDeck - ok
12:11:44.0307 0x0e34 [ 1248D3C920BFC59FE8B9D1C0808167D7, 8CA1AAA564F0EC5ED8DAEEDE8EF6A5A4B63CBCF030A390ADDDEECD5E03092934 ] C:\Program Files (x86)\XFastUsb\XFastUsb.exe
12:11:44.0463 0x0e34 XFastUsb - detected UnsignedFile.Multi.Generic ( 1 )
12:11:46.0850 0x0e34 Detect skipped due to KSN trusted
12:11:46.0850 0x0e34 XFastUsb - ok
12:11:46.0865 0x0e34 [ 43A4F52F7A38ED9EE0AACA36FE6DAC5D, 1701C050E18E98BB9AD29568B8A50D1F907E6F6EF53520D53EF281B847C5B0C9 ] C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
12:11:46.0881 0x0e34 VolPanel - detected UnsignedFile.Multi.Generic ( 1 )
12:11:49.0268 0x0e34 Detect skipped due to KSN trusted
12:11:49.0268 0x0e34 VolPanel - ok
12:11:49.0283 0x0e34 [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office 2010\Office14\BCSSync.exe
12:11:49.0299 0x0e34 BCSSync - ok
12:11:49.0299 0x0e34 [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
12:11:49.0314 0x0e34 APSDaemon - ok
12:11:49.0361 0x0e34 [ 6F5C9785C05D23DABE407653C12B8A05, 3EC2AACE39D47BC3C34CC8F53DA652A5FFE3A09304AB77AFCF17D4E5CC10F82E ] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe
12:11:49.0424 0x0e34 ISUSPM - ok
12:11:49.0564 0x0e34 [ 65C6AA484AD2287D20541C7735989437, 1842787640391F4A4CD9ED0A531298A61F4B2FB09BEC98FEE256313AFB458EDB ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
12:11:49.0720 0x0e34 AvastUI.exe - ok
12:11:49.0736 0x0e34 [ 08E7173D1B74095335052459200CB1EA, 5B6EB8A65B5F451BF6115EB7CD1355E5870E6D764F22D767D13216BF17C5668F ] C:\Program Files (x86)\QuickTime\QTTask.exe
12:11:49.0751 0x0e34 QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
12:11:52.0138 0x0e34 Detect skipped due to KSN trusted
12:11:52.0138 0x0e34 QuickTime Task - ok
12:11:52.0216 0x0e34 [ 35FD33EAE23AF69715EE3231A9F15B82, C7351F3537F4B938E4E8A8A8DD59039298F9B09678A4BC09B2A362DC4B25E2C0 ] E:\Programme\Acrobat 9.0\Acrobat\Acrobat_sl.exe
12:11:52.0232 0x0e34 Adobe Acrobat Speed Launcher - ok
12:11:52.0294 0x0e34 [ 6F5C9785C05D23DABE407653C12B8A05, 3EC2AACE39D47BC3C34CC8F53DA652A5FFE3A09304AB77AFCF17D4E5CC10F82E ] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
12:11:52.0356 0x0e34 ISUSPM - ok
12:11:52.0419 0x0e34 [ 8190C737D783DA1F1D03A150BAC03F35, 03C2E2348376A24D269F863F0238975F0C23457BD9F0EFB692DD66EFA0BC6841 ] E:\Programme\WinPatrol\winpatrol.exe
12:11:52.0450 0x0e34 WinPatrol - ok
12:11:52.0637 0x0e34 [ 14EF06B1EA531D681B5738F37388B99C, AB74735A3569B7995572FD7B0D026919CADA27C43A6AD0503659CE7CA3FF6B84 ] C:\Program Files\CCleaner\CCleaner64.exe
12:11:52.0824 0x0e34 CCleaner Monitoring - ok
12:11:52.0840 0x0e34 Waiting for KSN requests completion. In queue: 8
12:11:53.0854 0x0e34 Waiting for KSN requests completion. In queue: 8
12:11:54.0868 0x0e34 Waiting for KSN requests completion. In queue: 8
12:11:55.0898 0x0e34 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2218.942 ), 0x41000 ( enabled : updated )
12:11:55.0913 0x0e34 Win FW state via NFP2: enabled ( trusted )
12:11:58.0347 0x0e34 ============================================================
12:11:58.0347 0x0e34 Scan finished
12:11:58.0347 0x0e34 ============================================================
12:11:58.0347 0x13a0 Detected object count: 0
12:11:58.0347 0x13a0 Actual detected object count: 0
Vielen Dank! |
|
30.10.2015, 08:59
| #4 |
| /// the machine /// TB-Ausbilder | Firefox stürzt fast alle 10min ab Genau. Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Revo Uninstaller - Download - Filepony damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren. Dann: https://support.mozilla.org/de/kb/fi...einfach-loesen Und ebenso bitte die Hardwarebeschleunigung in FF abschalten.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
30.10.2015, 19:19
| #5 |
| | Firefox stürzt fast alle 10min ab Hallo, vielen Dank! Ich habe alles gemacht, leider besteht das Problem nach wie vor. FF stürzt ständig ab und macht mir das Arbeiten fast unmöglich... :-( Hier das Log vom AdwCleaner: AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v5.015 - Bericht erstellt am 30/10/2015 um 14:57:27 # Aktualisiert am 26/10/2015 von Xplode # Datenbank : 2015-10-29.1 [Server] # Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64) # Benutzername : *** - PC # Gestartet von : C:\Users\***\Desktop\AdwCleaner_5.015.exe # Option : Löschen # Unterstützung : Forum - ToolsLib ***** [ Dienste ] ***** ***** [ Ordner ] ***** [-] Ordner Gelöscht : C:\Users\***\Favorites\Links\radio [!] Ordner Nicht Gelöscht : C:\Users\***\Favorites\Links\radio [-] Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil ***** [ Dateien ] ***** ***** [ DLLs ] ***** ***** [ Verknüpfungen ] ***** ***** [ Geplante Tasks ] ***** ***** [ Registrierungsdatenbank ] ***** [-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] ***** [ Internetbrowser ] ***** ************************* :: Proxy Einstellungen zurückgesetzt :: Winsock Einstellungen zurückgesetzt :: Internet Explorer Richtlinien gelöscht :: Chrome Richtlinien gelöscht ########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [1166 Bytes] ########## Ich habe gesehen, dass die Hardwarebeschleunigung schon vorher deaktiert war, ich habe sie nun erneut abgeschaltet (nach der Neuinstallation). Die Sachen, die der AdwCleaner gefunden hat, sind das Schadprogramme? Woran kann es denn jetzt noch liegen? Ich hoffe, wir finden eine Lösung... Danke und viele Grüße! |
|
31.10.2015, 17:19
| #6 |
| /// the machine /// TB-Ausbilder | Firefox stürzt fast alle 10min ab Hast Du FF nach der Neuinstallation auch zurückgesetzt? Wenn ja, starte FF mal im Safemode, ohne Addons. Stürzt er dann auch ab?
__________________ --> Firefox stürzt fast alle 10min ab |
|
31.10.2015, 18:39
| #7 |
| | Firefox stürzt fast alle 10min ab Hallo, Ja, ich habe FF nach der Neuinstallation zurückgesetzt - ich habe alles in der Reihenfolge gemacht, wie du es mir geschrieben hast. Den abgesicherten Modus habe ich soeben getestet, FF stürzt auch da ab. Es hat ungefähr 10min halbwegs normal (lief langsamer als im "normalen" Modus) funktioniert, dann begann FF ständig zu stoppen und innezuhalten. Das ging dann ein Weilchen so (blockierte ständig), bis er dann schließlich wieder abgestürzt ist. Insgesamt lief FF im abgesicherten Modus viel schlechter als "normal". Was könnte denn das Problem sein? Ich bin schon ganz verzweifelt, weil ich gar nicht mehr richtig mit FF arbeiten kann (und dies jedoch beruflich dringend müsste)... Danke |
|
01.11.2015, 07:27
| #8 | |
| /// the machine /// TB-Ausbilder | Firefox stürzt fast alle 10min abZitat:
http://support2.microsoft.com/kb/929135/de Bitte einen Clean Boot machen. Geht Firefox dann?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
01.11.2015, 21:54
| #9 |
| | Firefox stürzt fast alle 10min ab Hallo, ich muss beruflich viel im Internet recherchieren und habe mir daher im FF eine Symbolleiste mit vielen Icons von den Links, die ich häufig benutze, eingerichtet. Im IE habe ich das natürlich nicht und meine Arbeit dauert daher viel länger. Ich finde den IE auch in der Verwendung unsympathisch, aber das sind natürlich persönliche Vorlieben. Ich habe früher ausschließlich den IE verwendet, da habe ich mir jedoch andauert Viren etc. eingefangen - dann hat mir hier im Forum ein Helfer den Tipp gegeben, auf FF umzusteigen, seitdem hatte ich keinerlei Probleme mehr mit Viren (soweit man das kontrollieren kann). [Opera hatte ich mir mal für kurze Zeit runtergeladen, der hat jedoch irgendwie nie richtig funktioniert] Ich habe den Clean Boot gemacht und FF getestet, nach knapp einer Viertelstunde blockierte er und stürzte dann bald drauf wieder ab. Als ich die Einstellungen für den Clean Boot gemacht habe, habe ich gesehen, dass bei mir vorher gar nicht "Normaler Systemstart" eingestellt war, sondern " Benutzerdefinierter Systemstart" (die zwei Kästchen darunter waren komplett markiert - also nicht angekreuzt, sondern das ganz Kästchen war blau ausgemalt). Ist das normal? Gestern hatte ich das Gefühl, das mein eMail-Programm (Thunderbird) auch 2-3 Mal kurz hängt, aber ich bin mir nicht sicher, vielleicht war das auch einfach in dem Moment, in dem FF wieder abgestürzt ist. Danke! Update am Abend: ich habe soeben eine Weile mit dem IE gearbeitet, dabei habe ich gemerkt, dass er ein bisschen langsam lädt und dass er ab und zu steckt - nach Kurzem ist der IE dann ebenfalls abgestürzt..!! Warum stürzt denn plötzlich jeder Internet Browser ab? Danke! |
|
02.11.2015, 20:36
| #10 |
| /// the machine /// TB-Ausbilder | Firefox stürzt fast alle 10min ab Ich glaube hier hilft nur ne Reparatur von Windows. Windows DVD zur Hand?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Firefox stürzt fast alle 10min ab |
| absturz, antivirus, combofix, defender, dnsapi.dll, firefox, flash player, google, helper, home, homepage, mozilla, object, prozesse, registry, rundll, scan, security, services.exe, software, svchost.exe, system, udp, usb, virus, windows |
Linear-Darstellung
